--- loncom/interface/lonpreferences.pm 2016/09/12 15:51:08 1.221 +++ loncom/interface/lonpreferences.pm 2020/02/09 04:43:20 1.236 @@ -1,7 +1,7 @@ # The LearningOnline Network # Preferences # -# $Id: lonpreferences.pm,v 1.221 2016/09/12 15:51:08 raeburn Exp $ +# $Id: lonpreferences.pm,v 1.236 2020/02/09 04:43:20 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -27,8 +27,6 @@ # # This package uses the "londes.js" javascript code. # -# TODOs that have to be completed: -# interface with lonnet to change the password package Apache::lonpreferences; @@ -365,7 +363,7 @@ $options.' &Apache::lonhtmlcommon::row_closure(1). &Apache::lonhtmlcommon::end_pick_box().' '); - if ($roles_check_list) { + if ($roles_check_list) { $r->print('

'.&mt('Freeze Roles').'

'.&mt('The table below can be used to [_1]freeze[_2] '.$lc_role.'s in the Hotlist.','','').'
'. @@ -477,7 +475,6 @@ sub verify_and_change_rolespref { } - ################################################################ # Anonymous Discussion Name Change Subroutines # ################################################################ @@ -757,8 +754,10 @@ sub domcoordchanger { my $text=&mt('By default, the Domain Coordinator can enter your Authoring Space.'); my $construction=&mt('Block access to Authoring Space'); my $change=&mt('Save'); + my $returnurl = &HTML::Entities::encode($env{'form.returnurl'},'"<>&\''); $r->print(< + $text

@@ -783,7 +782,11 @@ sub verify_and_change_domcoord { } my $message=&Apache::lonhtmlcommon::confirm_success(&mt('Set [_1] to [_2]',''.&mt('Block access to Authoring Space').'',''.$status.'')); $message=&Apache::loncommon::confirmwrapper($message); - &print_main_menu($r,$message); + if ($env{'form.returnurl'}) { + &do_redirect($r,$env{'form.returnurl'},$message); + } else { + &print_main_menu($r,$message); + } } ################################################################# @@ -1258,7 +1261,7 @@ sub verify_and_change_colors { # password handler subroutines # ###################################################### sub passwordchanger { - my ($r,$errormessage,$caller,$mailtoken) = @_; + my ($r,$errormessage,$caller,$mailtoken,$timelimit,$extrafields) = @_; # This function is a bit of a mess.... # Passwords are encrypted using londes.js (DES encryption) $errormessage = ($errormessage || ''); @@ -1270,55 +1273,61 @@ sub passwordchanger { $r->print(Apache::loncommon::start_page('Personal Data')); $r->print(Apache::lonhtmlcommon::breadcrumbs('Change Password')); } - my ($blocked,$blocktext) = - &Apache::loncommon::blocking_status('passwd'); - if ($blocked) { - $r->print('

'.$blocktext.'

'); - return; - } if ((!defined($caller)) || ($caller eq 'preferences')) { $user = $env{'user.name'}; $domain = $env{'user.domain'}; if (!defined($caller)) { $caller = 'preferences'; } + my ($blocked,$blocktext) = + &Apache::loncommon::blocking_status('passwd'); + if ($blocked) { + $r->print('

'.$blocktext.'

'); + return; + } } elsif ($caller eq 'reset_by_email') { - my %data = &Apache::lonnet::tmpget($mailtoken); - if (keys(%data) == 0) { - $r->print( - '

' - .&mt('Sorry, the URL you provided to complete the reset of your password was invalid. Either the token included in the URL has been deleted or the URL you provided was invalid. Please submit a [_1]new request[_2] for a password reset, and follow the link to the new URL included in the e-mail that will be sent to you, to allow you to enter a new password.' - ,'','') - .'

' - ); - return; - } - if (defined($data{time})) { - if (time - $data{'time'} < 7200) { - $user = $data{'username'}; - $domain = $data{'domain'}; - $currentpass = $data{'temppasswd'}; - } else { - $r->print( - '

' - .&mt('Sorry, the token generated when you requested' - .' a password reset has expired.') - .'

' - ); + my %data = &Apache::lonnet::tmpget($mailtoken); + if (keys(%data) == 0) { + $r->print( + '

' + .&mt('Sorry, the URL you provided to complete the reset of your password was invalid. Either the token included in the URL has been deleted or the URL you provided was invalid. Please submit a [_1]new request[_2] for a password reset, and follow the link to the new URL included in the e-mail that will be sent to you, to allow you to enter a new password.' + ,'','') + .'

' + ); + return; + } + if (defined($data{time})) { + if (time - $data{'time'} < $timelimit) { + $user = $data{'username'}; + $domain = $data{'domain'}; + $currentpass = $data{'temppasswd'}; + my ($blocked,$blocktext) = + &Apache::loncommon::blocking_status('passwd',$user,$domain); + if ($blocked) { + $r->print('

'.$blocktext.'

'); return; } } else { $r->print( '

' - .&mt('Sorry, the URL generated when you requested reset of' - .' your password contained incomplete information.') + .&mt('Sorry, the token generated when you requested' + .' a password reset has expired.') .'

' ); return; } - if (&Apache::lonnet::domain($domain) eq '') { - $domain = $r->dir_config('lonDefDomain'); - } + } else { + $r->print( + '

' + .&mt('Sorry, the URL generated when you requested reset of' + .' your password contained incomplete information.') + .'

' + ); + return; + } + if (&Apache::lonnet::domain($domain) eq '') { + $domain = $r->dir_config('lonDefDomain'); + } } else { $r->print( '

' @@ -1357,7 +1366,7 @@ sub passwordchanger { my $jsh=Apache::File->new($include."/londes.js"); $r->print(<$jsh>); } - $r->print(&jscript_send($caller)); + $r->print(&jscript_send($caller,$domain,$currentauth,$extrafields)); $r->print(< ENDFORM - $r->print(&server_form($logtoken,$caller,$mailtoken)); - $r->print(&client_form($caller,\%hexkey,$currentpass,$domain)); + $r->print(&server_form($logtoken,$caller,$mailtoken,$extrafields)); + $r->print(&client_form($caller,\%hexkey,$currentpass,$domain,$extrafields)); # return; } sub jscript_send { - my ($caller) = @_; + my ($caller,$domain,$currentauth,$extrafields) = @_; + my ($min,$max,$rulestr,$numrules); + $min = $Apache::lonnet::passwdmin; + my %js_lt = &Apache::lonlocal::texthash( + uc => 'New password needs at least one upper case letter', + lc => 'New password needs at least one lower case letter', + num => 'New password needs at least one number', + spec => 'New password needs at least one non-alphanumeric', + blank1 => 'Empty Password field', + blank2 => 'Empty Confirm Password field', + mismatch => 'Contents of Password and Confirm Password fields must match', + fail => 'Please fix the following:', + ); + &js_escape(\%js_lt); + if ($currentauth eq 'internal:') { + if ($domain ne '') { + my %passwdconf = &Apache::lonnet::get_passwdconf($domain); + if (keys(%passwdconf)) { + if ($passwdconf{min}) { + $min = $passwdconf{min}; + } + if ($passwdconf{max}) { + $max = $passwdconf{max}; + $js_lt{'long'} = &js_escape(&mt('Maximum password length: [_1]',$max)); + } + if (ref($passwdconf{chars}) eq 'ARRAY') { + if (@{$passwdconf{chars}}) { + $rulestr = join('","',@{$passwdconf{chars}}); + $numrules = scalar(@{$passwdconf{chars}}); + } + } + } + } + } + $js_lt{'short'} = &js_escape(&mt('Minimum password length: [_1]',$min)); + + my $passwdcheck = <<"ENDJS"; + var errors = new Array(); + var min = parseInt("$min") || 0; + var currauth = "$currentauth"; + if (this.document.client.elements.newpass_1.value == '') { + errors.push("$js_lt{'blank1'}"); + } + if (this.document.client.elements.newpass_2.value == '') { + errors.push("$js_lt{'blank2'}"); + } + if (errors.length == 0) { + if (this.document.client.elements.newpass_1.value != this.document.client.elements.newpass_2.value) { + errors.push("$js_lt{'mismatch'}"); + } + var posspass = this.document.client.elements.newpass_1.value; + if (min > 0) { + if (posspass.length < min) { + errors.push("$js_lt{'short'}"); + } + } + if (currauth == 'internal:') { + var max = parseInt("$max") || 0; + if (max > 0) { + if (posspass.length > max) { + errors.push("$js_lt{'long'}"); + } + } + var numrules = parseInt("$numrules") || 0; + if (numrules > 0) { + var rules = new Array("$rulestr"); + for (var i=0; i\\/?]/; + if (!posspass.match(pattern)) { + errors.push("$js_lt{'spec'}"); + } + } + } + } + } + } + if (errors.length > 0) { + alert("$js_lt{'fail'}"+"\\n\\n"+errors.join("\\n")); + return; + } +ENDJS my $output = qq|