--- loncom/interface/createaccount.pm 2008/06/27 16:08:42 1.6 +++ loncom/interface/createaccount.pm 2008/07/10 00:18:05 1.15 @@ -3,7 +3,7 @@ # institutional log-in ID (institutional authentication required - localauth # or kerberos) or an e-mail address. # -# $Id: createaccount.pm,v 1.6 2008/06/27 16:08:42 bisitz Exp $ +# $Id: createaccount.pm,v 1.15 2008/07/10 00:18:05 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -35,6 +35,7 @@ use Apache::Constants qw(:common); use Apache::lonacc; use Apache::lonnet; use Apache::loncommon; +use Apache::lonhtmlcommon; use Apache::lonlocal; use Apache::lonauth; use Apache::resetpw; @@ -42,6 +43,7 @@ use Authen::Captcha; use DynaLoader; # for Crypt::DES version use Crypt::DES; use LONCAPA qw(:DEFAULT :match); +use HTML::Entities; sub handler { my $r = shift; @@ -63,7 +65,11 @@ sub handler { } my $domdesc = &Apache::lonnet::domain($domain,'description'); my $contact_name = &mt('LON-CAPA helpdesk'); - my $contact_email = $r->dir_config('lonSupportEMail'); + my $origmail = $Apache::lonnet::perlvar{'lonSupportEMail'}; + my $contacts = + &Apache::loncommon::build_recipient_list(undef,'helpdeskmail', + $domain,$origmail); + my ($contact_email) = split(',',$contacts); my $lonhost = $r->dir_config('lonHostID'); my $include = $r->dir_config('lonIncludes'); my $start_page; @@ -106,7 +112,9 @@ sub handler { if (@cancreate == 0) { &print_header($r,$start_page); - my $output = &mt('Creation of a new user account using an e-mail address as username or a loginID from your institution is not permitted in the domain: [_1] ([_2]).',$domain,$domdesc); + my $output = '

'.&mt('Account creation unavailable').'

'. + ''. + &mt('Creation of a new user account using an e-mail address or an institutional log-in ID as username is not permitted in the domain: [_1] ([_2]).',$domain,$domdesc).'

'; $r->print($output); $r->print(&Apache::loncommon::end_page()); return OK; @@ -121,17 +129,29 @@ sub handler { &print_header($r,$start_page); my ($output,$msg); if (grep(/^sso$/,@cancreate)) { - $msg = &mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account in this domain."); - ($output, my $checkfail) = &username_check($sso_username,$domain,$domdesc,$courseid); + $msg = '

'.&mt('Account creation').'

'. + &mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account in this domain.").'

'; + ($output, my $checkfail) = &username_check($sso_username,$domain, + $domdesc,$courseid, + $lonhost,$contact_email); if ($checkfail) { - $msg .= &mt('A LON-CAPA account may not be created with the username you use.'); + $msg .= '

'.&mt('Account creation unavailable');'

'; + if ($checkfail eq 'username') { + $msg .= ''. + &mt('A LON-CAPA account may not be created with the username you use.').''; + } elsif ($checkfail eq 'authtoken') { + $msg .= ''.&mt('Error creating token.').''; + } + $msg .= '

'. + &mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email); } else { $msg .= &mt('To create one, use the table below to provide information about yourself (if appropriate), then click the "Create LON-CAPA account" button.'); } } else { - $msg = &mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account in this domain, and you are not permitted to create one."); + $msg .= '

'.&mt('Account creation unavailable').'

'. + ''.&mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account in this domain, and you are not permitted to create one.").'

'.&mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email); } - $r->print('

'.$msg.'

'.$output); + $r->print($msg.'
'.$output); $r->print(&Apache::loncommon::end_page()); return OK; } @@ -181,7 +201,8 @@ sub handler { $courseid); } elsif ($env{'form.phase'} eq 'username_validation') { $output = &username_validation($env{'form.uname'},$domain,$domdesc, - $contact_name,$contact_email,$courseid); + $contact_name,$contact_email,$courseid, + $lonhost); } elsif (!$token) { my $now=time; if (grep(/^login$/,@cancreate)) { @@ -189,6 +210,9 @@ sub handler { $r->print(<$jsh>); $r->print(&javascript_setforms($now)); } + if (grep(/^email$/,@cancreate)) { + $r->print(&javascript_validmail()); + } $output = &print_username_form($domain,$domdesc,\@cancreate,$now,$lonhost, $courseid); } @@ -245,7 +269,7 @@ ENDSCRIPT sub javascript_checkpass { my ($now) = @_; - my $nopass = &mt('You must enter a password'); + my $nopass = &mt('You must enter a password.'); my $mismatchpass = &mt('The passwords you entered did not match.').'\\n'. &mt('Please try again.'); my $js = <<"ENDSCRIPT"; @@ -271,6 +295,27 @@ ENDSCRIPT return $js; } +sub javascript_validmail { + my %lt = &Apache::lonlocal::texthash ( + email => 'The e-mail address you entered', + notv => 'is not a valid e-mail address', + ); + my $output = "\n".''."\n"; + return $output; +} + sub print_username_form { my ($domain,$domdesc,$cancreate,$now,$lonhost,$courseid) = @_; my %lt = &Apache::lonlocal::texthash( @@ -284,7 +329,7 @@ sub print_username_form { my %domdefaults = &Apache::lonnet::get_domain_defaults($domain); if ((($domdefaults{'auth_def'} =~/^krb/) && ($domdefaults{'auth_arg_def'} ne '')) || ($domdefaults{'auth_def'} eq 'localauth')) { $output = '

'.&mt('Create account with a username provided by your institution').'

'; - $output .= &mt('If you already have a Log-in ID at your institution, you may be able to use it[_1] for LON-CAPA.','
').' '.&mt('Type in your Log-in ID and password to find out.').'

'; + $output .= &mt('If you already have a log-in ID at your institution,[_1] you may be able to use it for LON-CAPA.','
').'

'.&mt('Type in your log-in ID and password to find out.').'

'; my ($lkey,$ukey) = &Apache::lonpreferences::des_keys(); my ($lextkey,$uextkey) = &getkeys($lkey,$ukey); my $logtoken=Apache::lonnet::reply('tmpput:'.$ukey.$lkey.'&createaccount', @@ -314,14 +359,14 @@ sub print_username_form { if (grep(/^email$/,@{$cancreate})) { $output .= '

'.&mt('Create account with an e-mail address as your username').'

'; if (grep(/^login$/,@{$cancreate})) { - $output .= &mt('Provide your e-mail address to request a LON-CAPA account if you do not have [_1] a log-in ID at your institution.','
').'

'; + $output .= &mt('Provide your e-mail address to request a LON-CAPA account,[_1] if you do not have a log-in ID at your institution.','
').'

'; } else { $output .= '
'; } my $emailform = ''; my $captchaform = &create_captcha(); my $submit_text = &mt('Request LON-CAPA account'); - $output .= '
'. + $output .= ''. &Apache::lonhtmlcommon::start_pick_box()."\n". &Apache::lonhtmlcommon::row_title(&mt('E-mail address'), 'LC_pick_box_title')."\n". @@ -341,7 +386,7 @@ sub print_username_form { } } if ($output eq '') { - $output = &mt('Creation of a new user account using either an e-mail address or institutional log-in ID as your username is not permitted in the domain: [_1] ([_2])',$domain,$domdesc); + $output = &mt('Creation of a new user account using an e-mail address or an institutional log-in ID as your username is not permitted in the domain: [_1] ([_2])',$domain,$domdesc); } else { $output .= '
'; } @@ -425,7 +470,9 @@ sub process_email_request { sub send_token { my ($domain,$email,$server,$domdesc,$contact_name,$contact_email,$courseid) = @_; - my $msg = &mt('Thank you for your request to create a new LON-CAPA account.').'

'; + my $msg = '

'.&mt('Account creation status').'

'. + &mt('Thank you for your request to create a new LON-CAPA account.'). + '

'; my $now = time; my %info = ('ip' => $ENV{'REMOTE_ADDR'}, 'time' => $now, @@ -436,17 +483,22 @@ sub send_token { if ($token !~ /^error/ && $token ne 'no_such_host') { my $esc_token = &escape($token); my $mailmsg = &mt('A request was submitted on [_1] for creation of a LON-CAPA account in the [_2] domain.',localtime(time),$domdesc).' '. - &mt('To complete this process please open a web browser and enter the following ". - "URL in the address/location box: ').&Apache::lonnet::absolute_url()."/adm/createaccount?token=$esc_token"; + &mt('To complete this process please open a web browser and enter the following' + .' URL in the address/location box: [_1]' + ,&Apache::lonnet::absolute_url().'/adm/createaccount?token='.$esc_token); my $result = &Apache::resetpw::send_mail($domdesc,$email,$mailmsg,$contact_name, $contact_email); if ($result eq 'ok') { $msg .= &mt('A message has been sent to the e-mail address you provided.').'
'.&mt('The message includes the web address for the link you will use to complete the account creation process.').'
'.&mt("The link included in the message will be valid for the next [_1]two[_2] hours.",'',''); } else { - $msg .= &mt('An error occurred when sending a message to the e-mail address you provided. Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email); + $msg .= ''. + &mt('An error occurred when sending a message to the e-mail address you provided.').'
'. + ' '.&mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email); } } else { - $msg .= &mt('An error occurred creating a token required for the account creation process. Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email); + $msg .= ''. + &mt('An error occurred creating a token required for the account creation process.').'
'. + ' '.&mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email); } return $msg; } @@ -458,7 +510,9 @@ sub process_mailtoken { my %data = &Apache::lonnet::tmpget($token); my $now = time; if (keys(%data) == 0) { - $msg = &mt('Sorry, the URL you provided to complete creation of a new LON-CAPA account was invalid. Either the token included in the URL has been deleted or the URL you provided was invalid. Please submit a new request for account creation and follow the link to the new URL included in the e-mail that will be sent to you.'); + $msg = &mt('Sorry, the URL you provided to complete creation of a new LON-CAPA account was invalid.') + .' '.&mt('Either the token included in the URL has been deleted or the URL you provided was invalid.') + .' '.&mt('Please submit a [_1]new request[_2] for account creation and follow the new link page included in the e-mail that will be sent to you.','',''); return $msg; } if (($data{'time'} =~ /^\d+$/) && @@ -486,7 +540,10 @@ sub process_mailtoken { $nostart = 1; $noend = 1; } else { - $msg .= &mt('A problem occurred when attempting to create your new LON-CAPA account').'
'.$output.&mt('Please contact the [_1] - ([_2]) for assistance.',$contact_name,$contact_email); + $msg .= &mt('A problem occurred when attempting to create your new LON-CAPA account.') + .'
'.$output +# .&mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,''.$contact_email.''); + .&mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email); } my $delete = &Apache::lonnet::tmpdel($token); } else { @@ -495,10 +552,12 @@ sub process_mailtoken { $nostart = 1; } } else { - $msg = &mt('Sorry, the token generated when you requested creation of an account has expired. Please submit a new request, and follow the link to the web page included in the new e-mail that will be sent to you, to allow you to create the account.'); + $msg = &mt('Sorry, the token generated when you requested creation of an account has expired.') + .' '.&mt('Please submit a [_1]new request[_2] for account creation and follow the new link included in the e-mail that will be sent to you.','',''); } } else { - $msg .= &mt('Sorry, the URL generated when you requested creation of an account contained incomplete information. Please submit a new request for creation of an account, and use the new URL that will be sent to your e-mail address to complete the process.'); + $msg .= &mt('Sorry, the URL generated when you requested creation of an account contained incomplete information.') + .' '.&mt('Please submit a [_1]new request[_2] for account creation and follow the new link included in the e-mail that will be sent to you.','',''); } return ($msg,$nostart,$noend); } @@ -618,7 +677,7 @@ ENDSERVERFORM '
'; } else { - $output = &mt('Could not load javascript file [_1]','londes.js'); + $output = &mt('Could not load javascript file [_1]','londes.js'); } return $output; } @@ -628,7 +687,7 @@ sub create_account { my ($retrieved,$output,$upass) = &process_credentials($env{'form.logtoken'}, $env{'form.serverid'}); # Error messages - my $error = ''.&mt('Error').': '; + my $error = ''.&mt('Error:').' '; my $end = '

'; my $rtnlink = ''. &mt('Return to previous page').''. @@ -651,15 +710,15 @@ sub create_account { 'internal',$upass,$env{'form.cfirstname'}, $env{'form.cmiddlename'},$env{'form.clastname'}, $env{'form.cgeneration'},undef,undef,$username); - $output = &mt('Generating user').': '.$result; + $output = &mt('Generating user: [_1]',$result); my $uhome = &Apache::lonnet::homeserver($username,$domain); - $output .= '
'.&mt('Home server').': '.$uhome.' '. + $output .= '
'.&mt('Home server: [_1]',$uhome).' '. &Apache::lonnet::hostname($uhome).'

'; return ('ok',$output); } sub username_validation { - my ($username,$domain,$domdesc,$contact_name,$contact_email,$courseid) = @_; + my ($username,$domain,$domdesc,$contact_name,$contact_email,$courseid,$lonhost) = @_; my ($retrieved,$output,$upass); $username= &LONCAPA::clean_username($username); @@ -685,7 +744,8 @@ sub username_validation { $authok = 'non_authorized'; } if ($authok eq 'authorized') { - ($output,undef) = &username_check($username,$domain,$domdesc,$courseid); + ($output,undef) = &username_check($username,$domain,$domdesc, + $courseid,$lonhost,$contact_email); } else { $output = '
' .&mt('Username and/or password could not be authenticated.') @@ -697,7 +757,7 @@ sub username_validation { } sub username_check { - my ($username,$domain,$domdesc,$courseid) = @_; + my ($username,$domain,$domdesc,$courseid,$lonhost,$contact_email) = @_; my (%rulematch,%inst_results,$newuser,%alerts,%curr_rules,%got_rules); $newuser = 1; my $checkhash; @@ -715,7 +775,7 @@ sub username_check { &Apache::loncommon::user_rule_formats($domain,$domdesc, $curr_rules{$domain}{'username'},'username'); if ($userchkmsg) { - $checkfail = 1; + $checkfail = 'username'; } } return ($userchkmsg,$checkfail); @@ -723,13 +783,26 @@ sub username_check { } } my $submit_text = &mt('Create LON-CAPA account'); - # FIXME need a cookie to confirm credentials were validated. my $output = '
'. &Apache::loncreateuser::personal_data_display($username,$domain,1, undef,$inst_results{$username.':'.$domain}). '

'."\n". ''."\n". ''; + my $now = time; + my %info = ('ip' => $ENV{'REMOTE_ADDR'}, + 'time' => $now, + 'domain' => $domain, + 'username' => $username); + my $authtoken = &Apache::lonnet::tmpput(\%info,$lonhost); + if ($authtoken !~ /^error/ && $authtoken ne 'no_such_host') { + $output .= ''; + } else { + $output = &mt('An error occurred when storing a token').'
'. + &mt('You will not be able to proceed to the next stage of account creation'). + &linkto_email_help($contact_email,$domdesc); + return($output,'authtoken'); + } if ($courseid ne '') { $output .= ''; } @@ -741,12 +814,33 @@ sub username_check { sub username_activation { my ($r,$username,$domain,$domdesc,$lonhost,$courseid) = @_; my $output; - my $error = ''.&mt('Error').': '; + my $error = ''.&mt('Error:').' '; my $end = '

'; my $rtnlink = ''. &mt('Return to previous page').''. &Apache::loncommon::end_page(); my %domdefaults = &Apache::lonnet::get_domain_defaults($domain); + my %data = &Apache::lonnet::tmpget($env{'form.authtoken'}); + my $now = time; + my $earlyout; + my $timeout = 300; + if (keys(%data) == 0) { + $output = &mt('Sorry, your authentication has expired.'); + $earlyout = 'fail'; + } + if (($data{'time'} !~ /^\d+$/) || + ($data{'domain'} ne $domain) || + ($data{'username'} ne $username)) { + $earlyout = 'fail'; + $output = &mt('The credentials you provided could not be verified.'); + } elsif ($now - $data{'time'} > $timeout) { + $earlyout = 'fail'; + $output = &mt('Sorry, your authentication has expired.'); + } + if ($earlyout ne '') { + $output .= '
'.&mt('Please [_1]start again[_2].','',''); + return($earlyout,$output); + } if ((($domdefaults{'auth_def'} =~/^krb(4|5)$/) && ($domdefaults{'auth_arg_def'} ne '')) || ($domdefaults{'auth_def'} eq 'localauth')) { @@ -767,6 +861,7 @@ sub username_activation { $env{'form.cgeneration'},undef,undef, $env{'form.cpermanentemail'}); if ($result eq 'ok') { + my $delete = &Apache::lonnet::tmpdel($env{'form.authtoken'}); $output = &mt('A LON-CAPA account has been created for username: [_1] in domain: [_2].',$username,$domain); my %form = &start_session($r,$username,$domain,$lonhost,$courseid); my $nostart = 1; @@ -776,7 +871,7 @@ sub username_activation { return ('fail',$output); } } else { - $output = &mt("User account creation is not available for the current default authentication type.\n"); + $output = &mt('User account creation is not available for the current default authentication type.')."\n"; return('fail',$output); } } @@ -812,7 +907,7 @@ sub check_id { sub invalid_state { my ($error,$domdesc,$contact_name,$contact_email,$msgtext) = @_; - my $msg; + my $msg = '

'.&mt('Account creation unavailable').'

'; if ($error eq 'baduseremail') { $msg = &mt('The e-mail address you provided does not appear to be a valid address.'); } elsif ($error eq 'existinguser') { @@ -826,14 +921,22 @@ sub invalid_state { } elsif ($error eq 'noemails') { $msg = &mt('Creation of a new user account using an e-mail address as username is not permitted in this LON-CAPA domain.'); } + $msg .= ''; if ($msgtext) { $msg .= '
'.$msgtext; } + $msg .= &linkto_email_help($contact_email,$domdesc); + return $msg; +} + +sub linkto_email_help { + my ($contact_email,$domdesc) = @_; + my $msg; if ($contact_email ne '') { my $escuri = &HTML::Entities::encode('/adm/createaccount','&<>"'); - $msg .= '
'.&mt(' You may wish to contact the LON-CAPA helpdesk for the [_2] domain.',$escuri,$domdesc); + $msg .= '
'.&mt('You may wish to contact the [_1]LON-CAPA helpdesk[_2] for the [_3] domain.','','',$domdesc); } else { - $msg .= '
'.&mt(' You may wish to send an e-mail to the server administrator: [_1] for the [_2] domain.',$Apache::lonnet::perlvar{'AdminEmail'},$domdesc); + $msg .= '
'.&mt('You may wish to send an e-mail to the server administrator: [_1] for the [_2] domain.',$Apache::lonnet::perlvar{'AdminEmail'},$domdesc); } return $msg; } @@ -855,9 +958,9 @@ sub create_captcha { sub captcha_settings { my %captcha_params = ( - output_dir => "/home/httpd/html/captcha", - www_output_dir => "/captcha", - db_dir => "/home/www/captchadb", + output_dir => $Apache::lonnet::perlvar{'lonCaptchaDir'}, + www_output_dir => "/captchaspool", + db_dir => $Apache::lonnet::perlvar{'lonCaptchaDb'}, numchars => '5', ); return %captcha_params; @@ -894,7 +997,8 @@ sub process_credentials { my $tmpinfo=Apache::lonnet::reply('tmpget:'.$logtoken,$lonhost); my ($retrieved,$output,$upass); if (($tmpinfo=~/^error/) || ($tmpinfo eq 'con_lost')) { - $output = &mt('Information needed to retrieve your log-in information is missing, inaccessible or expired.').'
'.&mt('You may need to reload the previous page to obtain a new token.'); + $output = &mt('Information needed to verify your login information is missing, inaccessible or expired.') + .'
'.&mt('You may need to reload the previous page to obtain a new token.'); return ($retrieved,$output,$upass); } else { my $reply = &Apache::lonnet::reply('tmpdel:'.$logtoken,$lonhost); @@ -939,7 +1043,7 @@ sub guest_format_check { $format_msg = '
'.&mt("Your e-mail address uses the same internet domain as your institution's LON-CAPA service.").'
'.&mt('Creation of a LON-CAPA account with this type of e-mail address as username is not permitted.').'
'; if (ref($cancreate) eq 'ARRAY') { if (grep(/^login$/,@{$cancreate})) { - $format_msg .= &mt('You should request creation of a LON-CAPA account for a Log-in ID of "[_1]" at your institution instead.',$login).'
'; + $format_msg .= &mt('You should request creation of a LON-CAPA account for a log-in ID of "[_1]" at your institution instead.',$login).'
'; } } }