1: # The LearningOnline Network
2: # Preferences
3: #
4: # $Id: lonpreferences.pm,v 1.18 2003/04/01 22:21:45 www Exp $
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28: # (Internal Server Error Handler
29: #
30: # (Login Screen
31: # 5/21/99,5/22,5/25,5/26,5/31,6/2,6/10,7/12,7/14,
32: # 1/14/00,5/29,5/30,6/1,6/29,7/1,11/9 Gerd Kortemeyer)
33: #
34: # 3/1/1 Gerd Kortemeyer)
35: #
36: # 3/1 Gerd Kortemeyer
37: #
38: # 2/13/02 2/14 2/15 Matthew Hall
39: #
40: # This package uses the "londes.js" javascript code.
41: #
42: # TODOs that have to be completed:
43: # interface with lonnet to change the password
44:
45: package Apache::lonpreferences;
46:
47: use strict;
48: use Apache::Constants qw(:common);
49: use Apache::File;
50: use Crypt::DES;
51: use DynaLoader; # for Crypt::DES version
52: use Apache::loncommon();
53:
54: #
55: # Write lonnet::passwd to do the call below.
56: # Use:
57: # my $answer=reply("encrypt:passwd:$udom:$uname:$upass",$tryserver);
58: #
59: ##################################################
60: # password associated functions #
61: ##################################################
62: sub des_keys {
63: # Make a new key for DES encryption.
64: # Each key has two parts which are returned seperately.
65: # Please note: Each key must be passed through the &hex function
66: # before it is output to the web browser. The hex versions cannot
67: # be used to decrypt.
68: my @hexstr=('0','1','2','3','4','5','6','7',
69: '8','9','a','b','c','d','e','f');
70: my $lkey='';
71: for (0..7) {
72: $lkey.=$hexstr[rand(15)];
73: }
74: my $ukey='';
75: for (0..7) {
76: $ukey.=$hexstr[rand(15)];
77: }
78: return ($lkey,$ukey);
79: }
80:
81: sub des_decrypt {
82: my ($key,$cyphertext) = @_;
83: my $keybin=pack("H16",$key);
84: my $cypher;
85: if ($Crypt::DES::VERSION>=2.03) {
86: $cypher=new Crypt::DES $keybin;
87: } else {
88: $cypher=new DES $keybin;
89: }
90: my $plaintext=
91: $cypher->decrypt(unpack("a8",pack("H16",substr($cyphertext,0,16))));
92: $plaintext.=
93: $cypher->decrypt(unpack("a8",pack("H16",substr($cyphertext,16,16))));
94: $plaintext=substr($plaintext,1,ord(substr($plaintext,0,1)) );
95: return $plaintext;
96: }
97:
98: ################################################################
99: # Handler subroutines #
100: ################################################################
101:
102: ################################################################
103: # Anonymous Discussion Name Change Subroutines #
104: ################################################################
105: sub screennamechanger {
106: my $r = shift;
107: my $user = $ENV{'user.name'};
108: my $domain = $ENV{'user.domain'};
109: my %userenv = &Apache::lonnet::get
110: ('environment',['screenname','nickname']);
111: my $screenname=$userenv{'screenname'};
112: my $nickname=$userenv{'nickname'};
113: my $bodytag=&Apache::loncommon::bodytag(
114: 'Change Your Nickname and Anonymous Screen Name');
115: $r->print(<<ENDSCREEN);
116: <html>
117: $bodytag
118:
119: <form name="server" action="/adm/preferences" method="post">
120: <input type="hidden" name="action" value="verify_and_change_screenname" />
121: <br />New screenname (shown if you post anonymously):
122: <input type="text" size="20" value="$screenname" name="screenname" />
123: <br />New nickname (shown if you post non-anonymously):
124: <input type="text" size="20" value="$nickname" name="nickname" />
125: <input type="submit" value="Change" />
126: </form>
127: </body>
128: </html>
129: ENDSCREEN
130: }
131:
132: sub verify_and_change_screenname {
133: my $r = shift;
134: my $user = $ENV{'user.name'};
135: my $domain = $ENV{'user.domain'};
136: # Screenname
137: my $newscreen = $ENV{'form.screenname'};
138: $newscreen=~s/[^ \w]//g;
139: my $message='';
140: if ($newscreen) {
141: &Apache::lonnet::put('environment',{'screenname' => $newscreen});
142: &Apache::lonnet::appenv('environment.screenname' => $newscreen);
143: $message='Set new screenname to '.$newscreen;
144: } else {
145: &Apache::lonnet::del('environment',['screenname']);
146: &Apache::lonnet::delenv('environment\.screenname');
147: $message='Reset screenname';
148: }
149: # Nickname
150: $message.='<br />';
151: $newscreen = $ENV{'form.nickname'};
152: $newscreen=~s/[^ \w]//g;
153: if ($newscreen) {
154: &Apache::lonnet::put('environment',{'nickname' => $newscreen});
155: &Apache::lonnet::appenv('environment.nickname' => $newscreen);
156: $message.='Set new nickname to '.$newscreen;
157: } else {
158: &Apache::lonnet::del('environment',['nickname']);
159: &Apache::lonnet::delenv('environment\.nickname');
160: $message.='Reset nickname';
161: }
162:
163: my $bodytag=&Apache::loncommon::bodytag(
164: 'Change Your Nickname and Anonymous Screen Name');
165: $r->print(<<ENDVCSCREEN);
166: <html>
167: $bodytag
168: </p>
169: $message
170: </body></html>
171: ENDVCSCREEN
172: }
173:
174: ################################################################
175: # Message Forward #
176: ################################################################
177:
178: sub msgforwardchanger {
179: my $r = shift;
180: my $user = $ENV{'user.name'};
181: my $domain = $ENV{'user.domain'};
182: my %userenv = &Apache::lonnet::get('environment',['msgforward']);
183: my $msgforward=$userenv{'msgforward'};
184: my $notification=$userenv{'notification'};
185: my $critnotification=$userenv{'critnotification'};
186: my $bodytag=&Apache::loncommon::bodytag(
187: 'Change Your Message Forwarding and Notification');
188: $r->print(<<ENDMSG);
189: <html>
190: $bodytag
191:
192: <form name="server" action="/adm/preferences" method="post">
193: <input type="hidden" name="action" value="verify_and_change_msgforward" />
194: New Forwarding Address(es) (<tt>user:domain,user:domain,...</tt>):
195: <input type="text" size="40" value="$msgforward" name="msgforward" /><hr />
196: New Message Notification Email Address(es) (<tt>joe\@doe.com,jane\@doe.edu,...</tt>):
197: <input type="text" size="40" value="$notification" name="notification" /><hr />
198: New Critical Message Notification Email Address(es) (<tt>joe\@doe.com,jane\@doe.edu,...</tt>):
199: <input type="text" size="40" value="$critnotification" name="critnotification" /><hr />
200: <input type="submit" value="Change" />
201: </form>
202: </body>
203: </html>
204: ENDMSG
205: }
206:
207: sub verify_and_change_msgforward {
208: my $r = shift;
209: my $user = $ENV{'user.name'};
210: my $domain = $ENV{'user.domain'};
211: my $newscreen = '';
212: my $message='';
213: foreach (split(/\,/,$ENV{'form.msgforward'})) {
214: my ($msuser,$msdomain)=split(/[\@\:]/,$_);
215: $msuser=~s/\W//g;
216: $msdomain=~s/\W//g;
217: if (($msuser) && ($msdomain)) {
218: if (&Apache::lonnet::homeserver($msuser,$msdomain) ne 'no_host') {
219: $newscreen.=$msuser.':'.$msdomain.',';
220: } else {
221: $message.='No such user: '.$msuser.':'.$msdomain.'<br>';
222: }
223: }
224: }
225: $newscreen=~s/\,$//;
226: if ($newscreen) {
227: &Apache::lonnet::put('environment',{'msgforward' => $newscreen});
228: &Apache::lonnet::appenv('environment.msgforward' => $newscreen);
229: $message.='Set new message forwarding to '.$newscreen.'<br />';
230: } else {
231: &Apache::lonnet::del('environment',['msgforward']);
232: &Apache::lonnet::delenv('environment\.msgforward');
233: $message.='Reset message forwarding<br />';
234: }
235: my $notification=$ENV{'form.notification'};
236: $notification=~s/\s//gs;
237: if ($notification) {
238: &Apache::lonnet::put('environment',{'notification' => $notification});
239: &Apache::lonnet::appenv('environment.notification' => $notification);
240: $message.='Set message notification address to '.$notification.'<br />';
241: } else {
242: &Apache::lonnet::del('environment',['notification']);
243: &Apache::lonnet::delenv('environment\.notification');
244: $message.='Reset message notification<br />';
245: }
246: my $critnotification=$ENV{'form.critnotification'};
247: $critnotification=~s/\s//gs;
248: if ($critnotification) {
249: &Apache::lonnet::put('environment',{'critnotification' => $critnotification});
250: &Apache::lonnet::appenv('environment.critnotification' => $critnotification);
251: $message.='Set critical message notification address to '.$critnotification;
252: } else {
253: &Apache::lonnet::del('environment',['critnotification']);
254: &Apache::lonnet::delenv('environment\.critnotification');
255: $message.='Reset critical message notification<br />';
256: }
257: my $bodytag=&Apache::loncommon::bodytag(
258: 'Change Your Message Forwarding and Notifications');
259: $r->print(<<ENDVCMSG);
260: <html>
261: $bodytag
262: </p>
263: $message
264: </body></html>
265: ENDVCMSG
266: }
267:
268: ######################################################
269: # password handler subroutines #
270: ######################################################
271: sub passwordchanger {
272: # This function is a bit of a mess....
273: # Passwords are encrypted using londes.js (DES encryption)
274: my $r = shift;
275: my $errormessage = shift;
276: $errormessage = ($errormessage || '');
277: my $user = $ENV{'user.name'};
278: my $domain = $ENV{'user.domain'};
279: my $homeserver = $ENV{'user.home'};
280: my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain);
281: # Check for authentication types that allow changing of the password.
282: return if ($currentauth !~ /^(unix|internal):/);
283: #
284: # Generate keys
285: my ($lkey_cpass ,$ukey_cpass ) = &des_keys();
286: my ($lkey_npass1,$ukey_npass1) = &des_keys();
287: my ($lkey_npass2,$ukey_npass2) = &des_keys();
288: # Store the keys in the log files
289: my $lonhost = $r->dir_config('lonHostID');
290: my $logtoken=Apache::lonnet::reply('tmpput:'
291: .$ukey_cpass . $lkey_cpass .'&'
292: .$ukey_npass1 . $lkey_npass1.'&'
293: .$ukey_npass2 . $lkey_npass2,
294: $lonhost);
295: # Hexify the keys for output as javascript variables
296: $ukey_cpass = hex($ukey_cpass);
297: $lkey_cpass = hex($lkey_cpass);
298: $ukey_npass1= hex($ukey_npass1);
299: $lkey_npass1= hex($lkey_npass1);
300: $ukey_npass2= hex($ukey_npass2);
301: $lkey_npass2= hex($lkey_npass2);
302: # Output javascript to deal with passwords
303: # Output DES javascript
304: $r->print("<html><head>");
305: {
306: my $include = $r->dir_config('lonIncludes');
307: my $jsh=Apache::File->new($include."/londes.js");
308: $r->print(<$jsh>);
309: }
310: my $bodytag=&Apache::loncommon::bodytag('Change Password','',
311: 'onLoad="init();"');
312: $r->print(<<ENDFORM);
313: </head>
314: $bodytag
315:
316: <script language="JavaScript">
317:
318: function send() {
319: uextkey=this.document.client.elements.ukey_cpass.value;
320: lextkey=this.document.client.elements.lkey_cpass.value;
321: initkeys();
322:
323: this.document.server.elements.currentpass.value
324: =crypted(this.document.client.elements.currentpass.value);
325:
326: uextkey=this.document.client.elements.ukey_npass1.value;
327: lextkey=this.document.client.elements.lkey_npass1.value;
328: initkeys();
329: this.document.server.elements.newpass_1.value
330: =crypted(this.document.client.elements.newpass_1.value);
331:
332: uextkey=this.document.client.elements.ukey_npass2.value;
333: lextkey=this.document.client.elements.lkey_npass2.value;
334: initkeys();
335: this.document.server.elements.newpass_2.value
336: =crypted(this.document.client.elements.newpass_2.value);
337:
338: this.document.server.submit();
339: }
340:
341: </script>
342: $errormessage
343:
344: <p>
345: <!-- We seperate the forms into 'server' and 'client' in order to
346: ensure that unencrypted passwords will not be sent out by a
347: crappy browser -->
348:
349: <form name="server" action="/adm/preferences" method="post">
350: <input type="hidden" name="logtoken" value="$logtoken" />
351: <input type="hidden" name="action" value="verify_and_change_pass" />
352: <input type="hidden" name="currentpass" value="" />
353: <input type="hidden" name="newpass_1" value="" />
354: <input type="hidden" name="newpass_2" value="" />
355: </form>
356:
357: <form name="client" >
358: <table>
359: <tr><td align="right"> Current password: </td>
360: <td><input type="password" name="currentpass" size="10"/> </td></tr>
361: <tr><td align="right"> New password: </td>
362: <td><input type="password" name="newpass_1" size="10" /> </td></tr>
363: <tr><td align="right"> Confirm password: </td>
364: <td><input type="password" name="newpass_2" size="10" /> </td></tr>
365: <tr><td colspan="2" align="center">
366: <input type="button" value="Change Password" onClick="send();">
367: </table>
368: <input type="hidden" name="ukey_cpass" value="$ukey_cpass" />
369: <input type="hidden" name="lkey_cpass" value="$lkey_cpass" />
370: <input type="hidden" name="ukey_npass1" value="$ukey_npass1" />
371: <input type="hidden" name="lkey_npass1" value="$lkey_npass1" />
372: <input type="hidden" name="ukey_npass2" value="$ukey_npass2" />
373: <input type="hidden" name="lkey_npass2" value="$lkey_npass2" />
374: </form>
375: </p>
376: ENDFORM
377: #
378: return;
379: }
380:
381: sub verify_and_change_password {
382: my $r = shift;
383: my $user = $ENV{'user.name'};
384: my $domain = $ENV{'user.domain'};
385: my $homeserver = $ENV{'user.home'};
386: my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain);
387: # Check for authentication types that allow changing of the password.
388: return if ($currentauth !~ /^(unix|internal):/);
389: #
390: $r->print(<<ENDHEADER);
391: <html>
392: <head>
393: <title>LON-CAPA Preferences: Change password for $user</title>
394: </head>
395: ENDHEADER
396: #
397: my $currentpass = $ENV{'form.currentpass'};
398: my $newpass1 = $ENV{'form.newpass_1'};
399: my $newpass2 = $ENV{'form.newpass_2'};
400: my $logtoken = $ENV{'form.logtoken'};
401: # Check for empty data
402: unless (defined($currentpass) &&
403: defined($newpass1) &&
404: defined($newpass2) ){
405: &passwordchanger($r,"<p>\n<font color='#ff0000'>ERROR</font>".
406: "Password data was blank.\n</p>");
407: return;
408: }
409: # Get the keys
410: my $lonhost = $r->dir_config('lonHostID');
411: my $tmpinfo = Apache::lonnet::reply('tmpget:'.$logtoken,$lonhost);
412: if (($tmpinfo=~/^error/) || ($tmpinfo eq 'con_lost')) {
413: # I do not a have a better idea about how to handle this
414: $r->print(<<ENDERROR);
415: <p>
416: <font color="#ff0000">ERROR:</font> Unable to retrieve stored token for
417: password decryption. Please log out and try again.
418: </p>
419: ENDERROR
420: # Probably should log an error here
421: return;
422: }
423: my ($ckey,$n1key,$n2key)=split(/&/,$tmpinfo);
424: #
425: $currentpass = &des_decrypt($ckey ,$currentpass);
426: $newpass1 = &des_decrypt($n1key,$newpass1);
427: $newpass2 = &des_decrypt($n2key,$newpass2);
428: #
429: if ($newpass1 ne $newpass2) {
430: &passwordchanger($r,
431: '<font color="#ff0000">ERROR:</font>'.
432: 'The new passwords you entered do not match. '.
433: 'Please try again.');
434: return;
435: }
436: if (length($newpass1) < 7) {
437: &passwordchanger($r,
438: '<font color="#ff0000">ERROR:</font>'.
439: 'Passwords must be a minimum of 7 characters long. '.
440: 'Please try again.');
441: return;
442: }
443: #
444: # Check for bad characters
445: my $badpassword = 0;
446: foreach (split(//,$newpass1)) {
447: $badpassword = 1 if ((ord($_)<32)||(ord($_)>126));
448: }
449: if ($badpassword) {
450: # I can't figure out how to enter bad characters on my browser.
451: &passwordchanger($r,<<ENDERROR);
452: <font color="#ff0000">ERROR:</font>
453: The password you entered contained illegal characters.<br />
454: Valid characters are: space and <br />
455: <pre>
456: !"\#$%&\'()*+,-./0123456789:;<=>?\@
457: ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_\`abcdefghijklmnopqrstuvwxyz{|}~
458: </pre>
459: ENDERROR
460: }
461: #
462: # Change the password (finally)
463: my $result = &Apache::lonnet::changepass
464: ($user,$domain,$currentpass,$newpass1,$homeserver);
465: # Inform the user the password has (not?) been changed
466: if ($result =~ /^ok$/) {
467: $r->print(<<"ENDTEXT");
468: <h2>The password for $user was successfully changed</h2>
469: ENDTEXT
470: } else {
471: # error error: run in circles, scream and shout
472: $r->print(<<ENDERROR);
473: <h2><font color="#ff0000">The password for $user was not changed</font></h2>
474: Please make sure your old password was entered correctly.
475: ENDERROR
476: }
477: return;
478: }
479:
480: ######################################################
481: # other handler subroutines #
482: ######################################################
483:
484: ################################################################
485: # Main handler #
486: ################################################################
487: sub handler {
488: my $r = shift;
489: my $user = $ENV{'user.name'};
490: my $domain = $ENV{'user.domain'};
491: $r->content_type('text/html');
492: # Some pages contain DES keys and should not be cached.
493: &Apache::loncommon::no_cache($r);
494: $r->send_http_header;
495: return OK if $r->header_only;
496: #
497: if ($ENV{'form.action'} eq 'changepass') {
498: &passwordchanger($r);
499: } elsif ($ENV{'form.action'} eq 'verify_and_change_pass') {
500: &verify_and_change_password($r);
501: } elsif ($ENV{'form.action'} eq 'changescreenname') {
502: &screennamechanger($r);
503: } elsif ($ENV{'form.action'} eq 'verify_and_change_screenname') {
504: &verify_and_change_screenname($r);
505: } elsif ($ENV{'form.action'} eq 'changemsgforward') {
506: &msgforwardchanger($r);
507: } elsif ($ENV{'form.action'} eq 'verify_and_change_msgforward') {
508: &verify_and_change_msgforward($r);
509: } elsif ($ENV{'form.action'} eq 'debugtoggle') {
510: if ($ENV{'user.name'} eq 'albertel' ) {
511: if ($ENV{'user.debug'}) {
512: &Apache::lonnet::delenv('user\.debug');
513: } else {
514: &Apache::lonnet::appenv('user.debug' => 1);
515: }
516: }
517: } else {
518: $r->print(<<ENDHEADER);
519: <html>
520: <head>
521: <title>LON-CAPA Preferences</title>
522: </head>
523: ENDHEADER
524: $r->print(&Apache::loncommon::bodytag('Change Your Preferences'));
525: # Determine current authentication method
526: my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain);
527: if ($currentauth =~ /^(unix|internal):/) {
528: $r->print(<<ENDPASSWORDFORM);
529: <form name="client" action="/adm/preferences" method="post">
530: <input type="hidden" name="action" value="changepass" />
531: <input type="submit" value="Change password" />
532: </form>
533: ENDPASSWORDFORM
534: }
535: # Change screen name
536: $r->print(<<ENDSCREENNAMEFORM);
537: <form name="client" action="/adm/preferences" method="post">
538: <input type="hidden" name="action" value="changescreenname" />
539: <input type="submit"
540: value="Change nickname and anonymous discussion screen name" />
541: </form>
542: ENDSCREENNAMEFORM
543: $r->print(<<ENDMSGFORWARDFORM);
544: <form name="client" action="/adm/preferences" method="post">
545: <input type="hidden" name="action" value="changemsgforward" />
546: <input type="submit" value="Change message forwarding and notification addresses" />
547: </form>
548: ENDMSGFORWARDFORM
549: # The "about me" page
550: my $aboutmeaction=
551: '/adm/'.$ENV{'user.domain'}.'/'.$ENV{'user.name'}.'/aboutme';
552: $r->print(<<ENDABOUTME);
553: <form name="client" action="$aboutmeaction" method="post">
554: <input type="hidden" name="action" value="changescreenname" />
555: <input type="submit" value="Edit the 'About Me' Personal Information Screen" />
556: </form>
557: ENDABOUTME
558: if ($ENV{'user.name'} eq 'albertel') {
559: $r->print(<<ENDDEBUG);
560: <form name="client" action="/adm/preferences" method="post">
561: <input type="hidden" name="action" value="debugtoggle" />
562: <input type="submit" value="Toggle Debug" />
563: Current Debug status is -$ENV{'user.debug'}-.
564: </form>
565: ENDDEBUG
566: }
567: # Other preference setting code should be added here
568: }
569: $r->print(<<ENDFOOTER);
570: </body>
571: </html>
572: ENDFOOTER
573: return OK;
574: }
575:
576: 1;
577: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to lonpreferences.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / interface