--- loncom/interface/createaccount.pm 2009/03/14 02:04:22 1.32 +++ loncom/interface/createaccount.pm 2010/12/06 02:39:59 1.37.2.7 @@ -3,7 +3,7 @@ # institutional log-in ID (institutional authentication required - localauth # or kerberos) or an e-mail address. # -# $Id: createaccount.pm,v 1.32 2009/03/14 02:04:22 raeburn Exp $ +# $Id: createaccount.pm,v 1.37.2.7 2010/12/06 02:39:59 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -39,7 +39,7 @@ use Apache::lonhtmlcommon; use Apache::lonlocal; use Apache::lonauth; use Apache::resetpw; -use Authen::Captcha; +use Captcha::reCAPTCHA; use DynaLoader; # for Crypt::DES version use Crypt::DES; use LONCAPA qw(:DEFAULT :match); @@ -92,7 +92,7 @@ sub handler { my $end_page = &Apache::loncommon::end_page(); $r->print($start_page."\n".'

'.&mt('You are already logged in').'

'. - '

'.&mt('Please either [_1]continue the current session[_2] or [_3]logout[_4].','','','',''). + '

'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].','','','',''). '

'.&mt('Login problems?').'

'.$end_page); return OK; } @@ -112,10 +112,16 @@ sub handler { if ($env{'form.udom'} ne '') { $domain = $env{'form.udom'}; } + + my %domconfig = + &Apache::lonnet::get_dom('configuration',['usercreation'],$domain); + my ($cancreate,$statustocreate) = + &get_creation_controls($domain,$domconfig{'usercreation'}); + my ($result,$output) = &username_validation($r,$env{'form.uname'},$domain,$domdesc, $contact_name,$contact_email,$courseid, - $lonhost); + $lonhost,$statustocreate); if ($result eq 'existingaccount') { $r->print($output); &print_footer($r); @@ -133,24 +139,16 @@ sub handler { $start_page = &Apache::loncommon::start_page($title,$js, {'no_inline_link' => 1,}); - my @cancreate; - my %domconfig = &Apache::lonnet::get_dom('configuration',['usercreation'],$domain); - if (ref($domconfig{'usercreation'}) eq 'HASH') { - if (ref($domconfig{'usercreation'}{'cancreate'}) eq 'HASH') { - if (ref($domconfig{'usercreation'}{'cancreate'}{'selfcreate'}) eq 'ARRAY') { - @cancreate = @{$domconfig{'usercreation'}{'cancreate'}{'selfcreate'}}; - } elsif (($domconfig{'usercreation'}{'cancreate'}{'selfcreate'} ne 'none') && - ($domconfig{'usercreation'}{'cancreate'}{'selfcreate'} ne '')) { - @cancreate = ($domconfig{'usercreation'}{'cancreate'}{'selfcreate'}); - } - } - } - if (@cancreate == 0) { + my $inventory = uc($domain); + my %domconfig = + &Apache::lonnet::get_dom('configuration',['usercreation'],$domain); + my ($cancreate,$statustocreate) = &get_creation_controls($domain,$domconfig{'usercreation'}); + if (@{$cancreate} == 0) { &print_header($r,$start_page,$courseid); my $output = '

'.&mt('Account creation unavailable').'

'. ''. - &mt('Creation of a new user account using an e-mail address or an institutional log-in ID as username is not permitted at this institution ([_1]).',$domdesc).'

'; + &mt('Creation of a new user account using an e-mail address or an institutional log-in ID as username is not permitted for the [_1] WebCenter.',$inventory).'

'; $r->print($output); &print_footer($r); return OK; @@ -160,12 +158,13 @@ sub handler { &print_header($r,$start_page,$courseid); my ($msg,$sso_logout); $sso_logout = &sso_logout_frag($r,$domain); - if (grep(/^sso$/,@cancreate)) { + if (grep(/^sso$/,@{$cancreate})) { $msg = '

'.&mt('Account creation').'

'. &mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account at this institution.").'
'; $msg .= &username_check($sso_username,$domain,$domdesc,$courseid, - $lonhost,$contact_email,$contact_name,$sso_logout); + $lonhost,$contact_email,$contact_name, + $sso_logout,$statustocreate); } else { $msg = '

'.&mt('Account creation unavailable').'

'. ''.&mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account at this institution, and you are not permitted to create one.").'

'.&mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email).'
'. @@ -181,7 +180,7 @@ sub handler { if ($token) { ($output,$nostart,$noend) = &process_mailtoken($r,$token,$contact_name,$contact_email,$domain, - $domdesc,$lonhost,$include,$start_page); + $domdesc,$lonhost,$include,$start_page,$inventory); if ($nostart) { if ($noend) { return OK; @@ -215,7 +214,7 @@ sub handler { (my $result,$output) = &username_validation($r,$env{'form.uname'},$domain,$domdesc, $contact_name,$contact_email,$courseid, - $lonhost); + $lonhost,$statustocreate); if ($result eq 'existingaccount') { $r->print($output); &print_footer($r); @@ -226,21 +225,21 @@ sub handler { } elsif ($env{'form.create_with_email'}) { &print_header($r,$start_page,$courseid); $output = &process_email_request($env{'form.useremail'},$domain,$domdesc, - $contact_name,$contact_email,\@cancreate, + $contact_name,$contact_email,$cancreate, $lonhost,$domconfig{'usercreation'}, - $courseid); + $courseid,$inventory); } elsif (!$token) { &print_header($r,$start_page,$courseid); my $now=time; - if (grep(/^login$/,@cancreate)) { + if (grep(/^login$/,@{$cancreate})) { my $jsh=Apache::File->new($include."/londes.js"); $r->print(<$jsh>); $r->print(&javascript_setforms($now)); } - if (grep(/^email$/,@cancreate)) { + if (grep(/^email$/,@{$cancreate})) { $r->print(&javascript_validmail()); } - $output = &print_username_form($domain,$domdesc,\@cancreate,$now,$lonhost, + $output = &print_username_form($domain,$domdesc,$cancreate,$now,$lonhost, $courseid); } $r->print($output); @@ -280,7 +279,7 @@ sub selfenroll_crumbs { my ($r,$courseid,$desc) = @_; &Apache::lonhtmlcommon::add_breadcrumb ({href=>"javascript:ToCatalog('backupcrumbs','')", - text=>"Course Catalog"}); + text=>"Course/Community Catalog"}); if ($env{'form.coursenum'} ne '') { &Apache::lonhtmlcommon::add_breadcrumb ({href=>"javascript:ToCatalog('backupcrumbs','details')", @@ -376,6 +375,13 @@ function validate_email() { if (validmail(field) == false) { alert("$lt{'email'}: "+field.value+" $lt{'notv'}."); return false; + } else { + var emailaddr = field.value; + var lcemail = emailaddr.toLowerCase(); + if (emailaddr != lcemail) { + field.value = lcemail; + alert("WebCenter usernames are all lower case.\\nAccordingly your username will be "+lcemail+" once activated."); + } } return true; } @@ -405,7 +411,7 @@ sub print_username_form { } if (grep(/^email$/,@{$cancreate})) { $output .= '

'.&mt('Create account with an e-mail address as your username').'

'; - my $captchaform = &create_captcha(); + my $captchaform = &create_recaptcha(); if ($captchaform) { my $submit_text = &mt('Request LON-CAPA account'); my $emailform = ''; @@ -422,7 +428,8 @@ sub print_username_form { &Apache::lonhtmlcommon::row_closure(1). &Apache::lonhtmlcommon::row_title(&mt('Validation'), 'LC_pick_box_title')."\n". - $captchaform."\n".'

'; + $captchaform."\n". + &mt('If either word is hard to read, [_1] will replace them.','reCAPTCHA refresh').'

'; if ($courseid ne '') { $output .= ''."\n"; } @@ -469,6 +476,7 @@ sub login_box { my $unameform = ''; my $upassform = ''; $output .= '
'."\n". + ''. &Apache::lonhtmlcommon::start_pick_box()."\n". &Apache::lonhtmlcommon::row_title($titles{$context}, 'LC_pick_box_title')."\n". @@ -477,16 +485,6 @@ sub login_box { &Apache::lonhtmlcommon::row_title(&mt('Password'), 'LC_pick_box_title')."\n". $upassform; - if ($context eq 'selfenroll') { - my $udomform = ''; - $output .= &Apache::lonhtmlcommon::row_closure(1)."\n". - &Apache::lonhtmlcommon::row_title(&mt('Domain'), - 'LC_pick_box_title')."\n". - $udomform."\n"; - } else { - $output .= ''; - } $output .= &Apache::lonhtmlcommon::row_closure(1). &Apache::lonhtmlcommon::row_title(). '
'."\n"; - $output .= ''."\n". - ''."\n". + $output .= ''."\n". + ''."\n". '
'; return $output; } sub process_email_request { my ($useremail,$domain,$domdesc,$contact_name,$contact_email,$cancreate, - $server,$settings,$courseid) = @_; - $useremail = $env{'form.useremail'}; + $server,$settings,$courseid,$inventory) = @_; + $useremail = lc($env{'form.useremail'}); my $output; if (ref($cancreate) eq 'ARRAY') { if (!grep(/^email$/,@{$cancreate})) { @@ -523,26 +521,21 @@ sub process_email_request { my $uhome = &Apache::lonnet::homeserver($useremail,$domain); if ($uhome ne 'no_host') { $output = &invalid_state('existinguser',$domdesc, - $contact_name,$contact_email); + $contact_name,$contact_email,'',$useremail); return $output; } else { - my $code = $env{'form.code'}; - my $md5sum = $env{'form.crypt'}; - my %captcha_params = &captcha_settings(); - my $captcha = Authen::Captcha->new( - output_folder => $captcha_params{'output_dir'}, - data_folder => $captcha_params{'db_dir'}, - ); - my $captcha_chk = $captcha->check_code($code,$md5sum); - my %captcha_hash = ( - 0 => 'Code not checked (file error)', - -1 => 'Failed: code expired', - -2 => 'Failed: invalid code (not in database)', - -3 => 'Failed: invalid code (code does not match crypt)', - ); - if ($captcha_chk != 1) { + my $captcha = Captcha::reCAPTCHA->new; + my $captcha_result = + $captcha->check_answer( + 'PRIVATEKEY', + $ENV{'REMOTE_ADDR'}, + $env{'form.recaptcha_challenge_field'}, + $env{'form.recaptcha_response_field'}, + ); + if (!$captcha_result->{is_valid}) { $output = &invalid_state('captcha',$domdesc,$contact_name, - $contact_email,$captcha_hash{$captcha_chk}); + $contact_email); + return $output; } my $uhome=&Apache::lonnet::homeserver($useremail,$domain); @@ -571,7 +564,7 @@ sub process_email_request { } } $output = &send_token($domain,$useremail,$server,$domdesc,$contact_name, - $contact_email,$courseid); + $contact_email,$courseid,$inventory); } return $output; } @@ -591,7 +584,8 @@ sub call_rulecheck { } sub send_token { - my ($domain,$email,$server,$domdesc,$contact_name,$contact_email,$courseid) = @_; + my ($domain,$email,$server,$domdesc,$contact_name,$contact_email,$courseid, + $inventory) = @_; my $msg = '

'.&mt('Account creation status').'

'. &mt('Thank you for your request to create a new LON-CAPA account.'). '

'; @@ -605,9 +599,9 @@ sub send_token { if ($token !~ /^error/ && $token ne 'no_such_host') { my $esc_token = &escape($token); my $showtime = localtime(time); - my $mailmsg = &mt('A request was submitted on [_1] for creation of a LON-CAPA account at the following institution: [_2].',$showtime,$domdesc).' '. + my $mailmsg = &mt('A request was submitted on [_1] for creation of a [_2] WebCenter account.',$showtime,$inventory)." \n". &mt('To complete this process please open a web browser and enter the following URL in the address/location box: [_1]', - &Apache::lonnet::absolute_url().'/adm/createaccount?token='.$esc_token); + "\n\n".&Apache::lonnet::absolute_url().'/adm/createaccount?token='.$esc_token); my $result = &Apache::resetpw::send_mail($domdesc,$email,$mailmsg,$contact_name, $contact_email); if ($result eq 'ok') { @@ -627,7 +621,7 @@ sub send_token { sub process_mailtoken { my ($r,$token,$contact_name,$contact_email,$domain,$domdesc,$lonhost, - $include,$start_page) = @_; + $include,$start_page,$inventory) = @_; my ($msg,$nostart,$noend); my %data = &Apache::lonnet::tmpget($token); my $now = time; @@ -647,7 +641,7 @@ sub process_mailtoken { if ($result eq 'ok') { $msg = $output; my $shownow = &Apache::lonlocal::locallocaltime($now); - my $mailmsg = &mt('A LON-CAPA account for the institution: [_1] has been created [_2] from IP address: [_3]. If you did not perform this action or authorize it, please contact the [_4] ([_5]).',$domdesc,$shownow,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; + my $mailmsg = &mt('A [_1] WebCenter account has been created [_2] from IP address: [_3]. If you did not perform this action or authorize it, please contact the [_4] ([_5]).',$inventory,$shownow,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; my $mailresult = &Apache::resetpw::send_mail($domdesc,$data{'email'}, $mailmsg,$contact_name, $contact_email); @@ -792,6 +786,32 @@ ENDSERVERFORM return $output; } +sub get_creation_controls { + my ($domain,$usercreation) = @_; + my (@cancreate,@statustocreate); + if (ref($usercreation) eq 'HASH') { + if (ref($usercreation->{'cancreate'}) eq 'HASH') { + if (ref($usercreation->{'cancreate'}{'statustocreate'}) eq 'ARRAY') { + @statustocreate = @{$usercreation->{'cancreate'}{'statustocreate'}}; + } else { + @statustocreate = ('default'); + my ($othertitle,$usertypes,$types) = + &Apache::loncommon::sorted_inst_types($domain); + if (ref($types) eq 'ARRAY') { + push(@statustocreate,@{$types}); + } + } + if (ref($usercreation->{'cancreate'}{'selfcreate'}) eq 'ARRAY') { + @cancreate = @{$usercreation->{'cancreate'}{'selfcreate'}}; + } elsif (($usercreation->{'cancreate'}{'selfcreate'} ne 'none') && + ($usercreation->{'cancreate'}{'selfcreate'} ne '')) { + @cancreate = ($usercreation->{'cancreate'}{'selfcreate'}); + } + } + } + return (\@cancreate,\@statustocreate); +} + sub create_account { my ($r,$domain,$lonhost,$username,$domdesc) = @_; my ($retrieved,$output,$upass) = &process_credentials($env{'form.logtoken'}, @@ -829,7 +849,7 @@ sub create_account { sub username_validation { my ($r,$username,$domain,$domdesc,$contact_name,$contact_email,$courseid, - $lonhost) = @_; + $lonhost,$statustocreate) = @_; my ($retrieved,$output,$upass); $username= &LONCAPA::clean_username($username); @@ -863,7 +883,8 @@ sub username_validation { } if ($authok eq 'authorized') { $output = &username_check($username,$domain,$domdesc,$courseid,$lonhost, - $contact_email,$contact_name); + $contact_email,$contact_name,undef, + $statustocreate); } else { $output = &login_failure_msg($courseid); } @@ -888,8 +909,8 @@ sub login_failure_msg { } sub username_check { - my ($username,$domain,$domdesc,$courseid,$lonhost,$contact_email,$contact_name, - $sso_logout) = @_; + my ($username,$domain,$domdesc,$courseid,$lonhost,$contact_email, + $contact_name,$sso_logout,$statustocreate) = @_; my (%rulematch,%inst_results,$checkfail,$rowcount,$editable,$output,$msg, %alerts,%curr_rules,%got_rules); &call_rulecheck($username,$domain,\%alerts,\%rulematch, @@ -909,6 +930,21 @@ sub username_check { } } if (!$checkfail) { + if (ref($statustocreate) eq 'ARRAY') { + $checkfail = 'inststatus'; + if (ref($inst_results{$username.':'.$domain}{inststatus}) eq 'ARRAY') { + foreach my $inststatus (@{$inst_results{$username.':'.$domain}{inststatus}}) { + if (grep(/^\Q$inststatus\E$/,@{$statustocreate})) { + undef($checkfail); + last; + } + } + } elsif (grep(/^default$/,@{$statustocreate})) { + undef($checkfail); + } + } + } + if (!$checkfail) { $output = '
'; (my $datatable,$rowcount,$editable) = &Apache::loncreateuser::personal_data_display($username,$domain,1,'selfcreate', @@ -943,6 +979,10 @@ sub username_check { } elsif ($checkfail eq 'authtoken') { $msg .= ''.&mt('Error creating token.').''. '
'.$output; + } elsif ($checkfail eq 'inststatus') { + $msg .= ''. + &mt('You are not permitted to create a LON-CAPA account.'). + '

'.$output; } $msg .= &mt('Please contact the [_1] ([_2]) for assistance.', $contact_name,$contact_email).'
'. @@ -1091,72 +1131,55 @@ sub check_id { } sub invalid_state { - my ($error,$domdesc,$contact_name,$contact_email,$msgtext) = @_; + my ($error,$domdesc,$contact_name,$contact_email,$msgtext,$useremail) = @_; my $msg = '

'.&mt('Account creation unavailable').'

'; if ($error eq 'baduseremail') { - $msg = &mt('The e-mail address you provided does not appear to be a valid address.'); + $msg .= &mt('The e-mail address you provided does not appear to be a valid address.'); } elsif ($error eq 'existinguser') { - $msg = &mt('The e-mail address you provided is already in use as a username in LON-CAPA at this institution.'); + my $uname = &HTML::Entities::encode($useremail); + $msg .= &mt('The e-mail address you provided is already in use as a username in LON-CAPA at this institution.').'

'.&mt('You can either:').'
    '. + '
  • '.&mt('Return to the [_1]log-in page[_2] and enter your password.','','').'
    • '. + '
  • '.&mt('or, if you do not remember your password, visit the "[_1]Forgot your password?[_2]" page.','',''). + '
'; } elsif ($error eq 'userrules') { - $msg = &mt('Username rules at this institution do not allow the e-mail address you provided to be used as a username.'); + $msg .= &mt('Username rules at this institution do not allow the e-mail address you provided to be used as a username.'); } elsif ($error eq 'userformat') { - $msg = &mt('The e-mail address you provided may not be used as a username at this LON-CAPA institution.'); + $msg .= &mt('The e-mail address you provided may not be used as a username at this LON-CAPA institution.'); } elsif ($error eq 'captcha') { - $msg = &mt('Validation of the code your entered failed.'); + $msg .= &mt('Validation of the code you entered failed.'); } elsif ($error eq 'noemails') { - $msg = &mt('Creation of a new user account using an e-mail address as username is not permitted at this LON-CAPA institution.'); + $msg .= &mt('Creation of a new user account using an e-mail address as username is not permitted at this LON-CAPA institution.'); } $msg .= ''; if ($msgtext) { $msg .= '
'.$msgtext; } - $msg .= &linkto_email_help($contact_email,$domdesc); + $msg .= &linkto_email_help($contact_email,$domdesc,$error); return $msg; } sub linkto_email_help { - my ($contact_email,$domdesc) = @_; + my ($contact_email,$domdesc,$error) = @_; my $msg; if ($contact_email ne '') { my $escuri = &HTML::Entities::encode('/adm/createaccount','&<>"'); - $msg .= '
'.&mt('You may wish to contact the [_1]LON-CAPA helpdesk[_2] for [_3].','','',$domdesc).'
'; + my $href = '/adm/helpdesk?origurl='.$escuri; + if ($error eq 'existinguser') { + my $escemail = &HTML::Entities::encode($env{'form.useremail'}); + $href .= '&useremail='.$escemail.'&useraccount='.$escemail; + } + $msg .= '
'.&mt('You may wish to contact the [_1]LON-CAPA helpdesk[_2] for [_3].','','',$domdesc).'
'; } else { $msg .= '
'.&mt('You may wish to send an e-mail to the server administrator: [_1] for [_2].',$Apache::lonnet::perlvar{'AdminEmail'},$domdesc).'
'; } return $msg; } -sub create_captcha { - my ($output_dir,$db_dir) = @_; - my %captcha_params = &captcha_settings(); - my ($output,$maxtries,$tries) = ('',10,0); - while ($tries < $maxtries) { - $tries ++; - my $captcha = Authen::Captcha->new ( - output_folder => $captcha_params{'output_dir'}, - data_folder => $captcha_params{'db_dir'}, - ); - my $md5sum = $captcha->generate_code($captcha_params{'numchars'}); - - if (-e $Apache::lonnet::perlvar{'lonCaptchaDir'}.'/'.$md5sum.'.png') { - $output = ''."\n". - &mt('Type in the letters/numbers shown below').' '. - '
'. - ''; - last; - } - } - return $output; -} - -sub captcha_settings { - my %captcha_params = ( - output_dir => $Apache::lonnet::perlvar{'lonCaptchaDir'}, - www_output_dir => "/captchaspool", - db_dir => $Apache::lonnet::perlvar{'lonCaptchaDb'}, - numchars => '5', - ); - return %captcha_params; +sub create_recaptcha { + my $captcha = Captcha::reCAPTCHA->new; + return $captcha->get_options_setter({theme => 'white'})."\n". + $captcha->get_html('PUBLICKEY'); # generate public key for IP + # from http://recaptcha.net/ } sub getkeys {