Annotation of loncom/interface/lonpreferences.pm, revision 1.13

1.1       www         1: # The LearningOnline Network
                      2: # Preferences
                      3: #
1.13    ! www         4: # $Id: lonpreferences.pm,v 1.12 2002/09/07 03:44:14 www Exp $
1.2       albertel    5: #
                      6: # Copyright Michigan State University Board of Trustees
                      7: #
                      8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
                      9: #
                     10: # LON-CAPA is free software; you can redistribute it and/or modify
                     11: # it under the terms of the GNU General Public License as published by
                     12: # the Free Software Foundation; either version 2 of the License, or
                     13: # (at your option) any later version.
                     14: #
                     15: # LON-CAPA is distributed in the hope that it will be useful,
                     16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
                     17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
                     18: # GNU General Public License for more details.
                     19: #
                     20: # You should have received a copy of the GNU General Public License
                     21: # along with LON-CAPA; if not, write to the Free Software
                     22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
                     23: #
                     24: # /home/httpd/html/adm/gpl.txt
                     25: #
                     26: # http://www.lon-capa.org/
                     27: #
1.1       www        28: # (Internal Server Error Handler
                     29: #
                     30: # (Login Screen
                     31: # 5/21/99,5/22,5/25,5/26,5/31,6/2,6/10,7/12,7/14,
                     32: # 1/14/00,5/29,5/30,6/1,6/29,7/1,11/9 Gerd Kortemeyer)
                     33: #
                     34: # 3/1/1 Gerd Kortemeyer)
                     35: #
                     36: # 3/1 Gerd Kortemeyer
                     37: #
1.3       matthew    38: # 2/13/02 2/14 2/15 Matthew Hall
                     39: #
                     40: # This package uses the "londes.js" javascript code. 
                     41: #
                     42: # TODOs that have to be completed:
                     43: #    interface with lonnet to change the password
                     44:  
1.1       www        45: package Apache::lonpreferences;
                     46: 
                     47: use strict;
                     48: use Apache::Constants qw(:common);
1.3       matthew    49: use Apache::File;
                     50: use Crypt::DES;
                     51: use DynaLoader; # for Crypt::DES version
1.4       matthew    52: use Apache::loncommon();
1.3       matthew    53: 
                     54: #
                     55: # Write lonnet::passwd to do the call below.
                     56: # Use:
                     57: #   my $answer=reply("encrypt:passwd:$udom:$uname:$upass",$tryserver);
                     58: #
                     59: ##################################################
                     60: #          password associated functions         #
                     61: ##################################################
                     62: sub des_keys {
1.4       matthew    63:     # Make a new key for DES encryption.
                     64:     # Each key has two parts which are returned seperately.
                     65:     # Please note:  Each key must be passed through the &hex function
                     66:     # before it is output to the web browser.  The hex versions cannot
                     67:     # be used to decrypt.
1.3       matthew    68:     my @hexstr=('0','1','2','3','4','5','6','7',
                     69:                 '8','9','a','b','c','d','e','f');
                     70:     my $lkey='';
                     71:     for (0..7) {
                     72:         $lkey.=$hexstr[rand(15)];
                     73:     }
                     74:     my $ukey='';
                     75:     for (0..7) {
                     76:         $ukey.=$hexstr[rand(15)];
                     77:     }
                     78:     return ($lkey,$ukey);
                     79: }
                     80: 
                     81: sub des_decrypt {
                     82:     my ($key,$cyphertext) = @_;
                     83:     my $keybin=pack("H16",$key);
                     84:     my $cypher;
                     85:     if ($Crypt::DES::VERSION>=2.03) {
                     86:         $cypher=new Crypt::DES $keybin;
                     87:     } else {
                     88:         $cypher=new DES $keybin;
                     89:     }
                     90:     my $plaintext=
                     91: 	$cypher->decrypt(unpack("a8",pack("H16",substr($cyphertext,0,16))));
                     92:     $plaintext.=
                     93: 	$cypher->decrypt(unpack("a8",pack("H16",substr($cyphertext,16,16))));
1.4       matthew    94:     $plaintext=substr($plaintext,1,ord(substr($plaintext,0,1)) );
1.3       matthew    95:     return $plaintext;
                     96: }
                     97: 
1.4       matthew    98: ################################################################
                     99: #                       Handler subroutines                    #
                    100: ################################################################
1.9       matthew   101: 
                    102: ################################################################
                    103: #         Anonymous Discussion Name Change Subroutines         #
                    104: ################################################################
1.5       www       105: sub screennamechanger {
                    106:     my $r = shift;
                    107:     my $user       = $ENV{'user.name'};
                    108:     my $domain     = $ENV{'user.domain'};
1.6       www       109:     my %userenv = &Apache::lonnet::get('environment',['screenname']);
                    110:     my $screenname=$userenv{'screenname'};
1.10      www       111:     my $bodytag=&Apache::loncommon::bodytag(
                    112:                                          'Change Your Anonymous Screen Name');
1.5       www       113:     $r->print(<<ENDSCREEN);
                    114: <html>
1.10      www       115: $bodytag
                    116: 
1.6       www       117: <form name="server" action="/adm/preferences" method="post">
                    118: <input type="hidden" name="action" value="verify_and_change_screenname" />
                    119: New screenname:
                    120: <input type="text" size="20" value="$screenname" name="screenname" />
                    121: <input type="submit" value="Change" />
                    122: </form>
1.5       www       123: </body>
                    124: </html>
                    125: ENDSCREEN
                    126: }
1.6       www       127: 
                    128: sub verify_and_change_screenname {
                    129:     my $r = shift;
                    130:     my $user       = $ENV{'user.name'};
                    131:     my $domain     = $ENV{'user.domain'};
                    132:     my $newscreen  = $ENV{'form.screenname'};
                    133:     $newscreen=~s/\W//g;
                    134:     my $message='';
                    135:     if ($newscreen) {
1.7       www       136:         &Apache::lonnet::put('environment',{'screenname' => $newscreen});
                    137:         &Apache::lonnet::appenv('environment.screenname' => $newscreen);
1.6       www       138:         $message='Set new screenname to '.$newscreen;
                    139:     } else {
                    140:         &Apache::lonnet::del('environment',['screenname']);
1.7       www       141:         &Apache::lonnet::delenv('environment\.screenname');
1.6       www       142:         $message='Reset screenname';
                    143:     }
1.10      www       144:     my $bodytag=&Apache::loncommon::bodytag(
                    145:                                          'Change Your Anonymous Screen Name');
1.6       www       146:     $r->print(<<ENDVCSCREEN);
                    147: <html>
1.10      www       148: $bodytag
1.6       www       149: </p>
                    150: $message
                    151: </body></html>
                    152: ENDVCSCREEN
                    153: }
                    154: 
1.12      www       155: ################################################################
                    156: #         Message Forward                                      #
                    157: ################################################################
                    158: 
                    159: sub msgforwardchanger {
                    160:     my $r = shift;
                    161:     my $user       = $ENV{'user.name'};
                    162:     my $domain     = $ENV{'user.domain'};
                    163:     my %userenv = &Apache::lonnet::get('environment',['msgforward']);
                    164:     my $msgforward=$userenv{'msgforward'};
                    165:     my $bodytag=&Apache::loncommon::bodytag(
                    166:                                          'Change Your Message Forwarding');
                    167:     $r->print(<<ENDMSG);
                    168: <html>
                    169: $bodytag
                    170: 
                    171: <form name="server" action="/adm/preferences" method="post">
                    172: <input type="hidden" name="action" value="verify_and_change_msgforward" />
                    173: New Forwarding Address(es) (<tt>user:domain,user:domain,...</tt>):
                    174: <input type="text" size="40" value="$msgforward" name="msgforward" />
                    175: <input type="submit" value="Change" />
                    176: </form>
                    177: </body>
                    178: </html>
                    179: ENDMSG
                    180: }
                    181: 
                    182: sub verify_and_change_msgforward {
                    183:     my $r = shift;
                    184:     my $user       = $ENV{'user.name'};
                    185:     my $domain     = $ENV{'user.domain'};
                    186:     my $newscreen  = '';
                    187:     my $message='';
                    188:     foreach (split(/\,/,$ENV{'form.msgforward'})) {
                    189: 	my ($msuser,$msdomain)=split(/[\@\:]/,$_);
                    190:         $msuser=~s/\W//g;
                    191:         $msdomain=~s/\W//g;
                    192:         if (($msuser) && ($msdomain)) {
                    193: 	    if (&Apache::lonnet::homeserver($msuser,$msdomain) ne 'no_host') {
                    194:                $newscreen.=$msuser.':'.$msdomain.',';
                    195: 	   } else {
                    196:                $message.='No such user: '.$msuser.':'.$msdomain.'<br>';
                    197:            }
                    198:         }
                    199:     }
                    200:     $newscreen=~s/\,$//;
                    201:     if ($newscreen) {
                    202:         &Apache::lonnet::put('environment',{'msgforward' => $newscreen});
                    203:         &Apache::lonnet::appenv('environment.msgforward' => $newscreen);
                    204:         $message.='Set new message forwarding to '.$newscreen;
                    205:     } else {
                    206:         &Apache::lonnet::del('environment',['msgforward']);
                    207:         &Apache::lonnet::delenv('environment\.msgforward');
                    208:         $message.='Reset message forwarding';
                    209:     }
                    210:     my $bodytag=&Apache::loncommon::bodytag(
                    211:                                          'Change Your Message Forwarding');
                    212:     $r->print(<<ENDVCMSG);
                    213: <html>
                    214: $bodytag
                    215: </p>
                    216: $message
                    217: </body></html>
                    218: ENDVCMSG
                    219: }
                    220: 
1.4       matthew   221: ######################################################
                    222: #            password handler subroutines            #
                    223: ######################################################
1.3       matthew   224: sub passwordchanger {
1.4       matthew   225:     # This function is a bit of a mess....
1.3       matthew   226:     # Passwords are encrypted using londes.js (DES encryption)
                    227:     my $r = shift;
1.4       matthew   228:     my $errormessage = shift;
                    229:     $errormessage = ($errormessage || '');
1.3       matthew   230:     my $user       = $ENV{'user.name'};
                    231:     my $domain     = $ENV{'user.domain'};
                    232:     my $homeserver = $ENV{'user.home'};
                    233:     my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain);
                    234:     # Check for authentication types that allow changing of the password.
                    235:     return if ($currentauth !~ /^(unix|internal):/);
                    236:     #
                    237:     # Generate keys
                    238:     my ($lkey_cpass ,$ukey_cpass ) = &des_keys();
                    239:     my ($lkey_npass1,$ukey_npass1) = &des_keys();
                    240:     my ($lkey_npass2,$ukey_npass2) = &des_keys();
1.4       matthew   241:     # Store the keys in the log files
1.3       matthew   242:     my $lonhost = $r->dir_config('lonHostID');
                    243:     my $logtoken=Apache::lonnet::reply('tmpput:'
                    244: 				       .$ukey_cpass  . $lkey_cpass .'&'
                    245: 				       .$ukey_npass1 . $lkey_npass1.'&'
                    246: 				       .$ukey_npass2 . $lkey_npass2,
                    247: 				       $lonhost);
1.4       matthew   248:     # Hexify the keys for output as javascript variables
1.3       matthew   249:     $ukey_cpass = hex($ukey_cpass);
                    250:     $lkey_cpass = hex($lkey_cpass);
                    251:     $ukey_npass1= hex($ukey_npass1);
                    252:     $lkey_npass1= hex($lkey_npass1);
                    253:     $ukey_npass2= hex($ukey_npass2);
                    254:     $lkey_npass2= hex($lkey_npass2);
                    255:     # Output javascript to deal with passwords
1.4       matthew   256:     # Output DES javascript
1.9       matthew   257:     $r->print("<html><head>");
1.3       matthew   258:     {
                    259: 	my $include = $r->dir_config('lonIncludes');
                    260: 	my $jsh=Apache::File->new($include."/londes.js");
                    261: 	$r->print(<$jsh>);
                    262:     }
1.10      www       263:     my $bodytag=&Apache::loncommon::bodytag('Change Password','',
                    264:                                          'onLoad="init();"');
1.3       matthew   265:     $r->print(<<ENDFORM);
1.9       matthew   266: </head>
1.10      www       267: $bodytag
1.1       www       268: 
1.3       matthew   269: <script language="JavaScript">
                    270: 
                    271:     function send() {
                    272:         uextkey=this.document.client.elements.ukey_cpass.value;
                    273:         lextkey=this.document.client.elements.lkey_cpass.value;
                    274:         initkeys();
                    275: 
                    276:         this.document.server.elements.currentpass.value
                    277:             =crypted(this.document.client.elements.currentpass.value);
                    278: 
                    279:         uextkey=this.document.client.elements.ukey_npass1.value;
                    280:         lextkey=this.document.client.elements.lkey_npass1.value;
                    281:         initkeys();
                    282:         this.document.server.elements.newpass_1.value
                    283:             =crypted(this.document.client.elements.newpass_1.value);
                    284: 
                    285:         uextkey=this.document.client.elements.ukey_npass2.value;
                    286:         lextkey=this.document.client.elements.lkey_npass2.value;
                    287:         initkeys();
                    288:         this.document.server.elements.newpass_2.value
                    289:             =crypted(this.document.client.elements.newpass_2.value);
                    290: 
                    291:         this.document.server.submit();
                    292:     }
                    293: 
                    294: </script>
1.4       matthew   295: $errormessage
1.10      www       296: 
1.3       matthew   297: <p>
                    298: <!-- We seperate the forms into 'server' and 'client' in order to
                    299:      ensure that unencrypted passwords will not be sent out by a
                    300:      crappy browser -->
                    301: 
                    302: <form name="server" action="/adm/preferences" method="post">
                    303: <input type="hidden" name="logtoken"    value="$logtoken" />
                    304: <input type="hidden" name="action"      value="verify_and_change_pass" />
                    305: <input type="hidden" name="currentpass" value="" />
1.4       matthew   306: <input type="hidden" name="newpass_1"   value="" />
                    307: <input type="hidden" name="newpass_2"   value="" />
1.3       matthew   308: </form>
                    309: 
                    310: <form name="client" >
                    311: <table>
1.4       matthew   312: <tr><td align="right"> Current password:                      </td>
                    313:     <td><input type="password" name="currentpass" size="10"/> </td></tr>
                    314: <tr><td align="right"> New password:                          </td>
                    315:     <td><input type="password" name="newpass_1" size="10"  /> </td></tr>
                    316: <tr><td align="right"> Confirm password:                      </td>
                    317:     <td><input type="password" name="newpass_2" size="10"  /> </td></tr>
1.3       matthew   318: <tr><td colspan="2" align="center">
                    319:     <input type="button" value="Change Password" onClick="send();">
                    320: </table>
1.4       matthew   321: <input type="hidden" name="ukey_cpass"  value="$ukey_cpass" />
                    322: <input type="hidden" name="lkey_cpass"  value="$lkey_cpass" />
1.3       matthew   323: <input type="hidden" name="ukey_npass1" value="$ukey_npass1" />
                    324: <input type="hidden" name="lkey_npass1" value="$lkey_npass1" />
                    325: <input type="hidden" name="ukey_npass2" value="$ukey_npass2" />
                    326: <input type="hidden" name="lkey_npass2" value="$lkey_npass2" />
                    327: </form>
                    328: </p>
                    329: ENDFORM
                    330:     #
                    331:     return;
                    332: }
                    333: 
                    334: sub verify_and_change_password {
                    335:     my $r = shift;
                    336:     my $user       = $ENV{'user.name'};
                    337:     my $domain     = $ENV{'user.domain'};
                    338:     my $homeserver = $ENV{'user.home'};
                    339:     my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain);
1.4       matthew   340:     # Check for authentication types that allow changing of the password.
                    341:     return if ($currentauth !~ /^(unix|internal):/);
1.3       matthew   342:     #
1.4       matthew   343:     $r->print(<<ENDHEADER);
                    344: <html>
                    345: <head>
                    346: <title>LON-CAPA Preferences:  Change password for $user</title>
                    347: </head>
                    348: ENDHEADER
1.3       matthew   349:     #
                    350:     my $currentpass = $ENV{'form.currentpass'}; 
                    351:     my $newpass1    = $ENV{'form.newpass_1'}; 
                    352:     my $newpass2    = $ENV{'form.newpass_2'};
                    353:     my $logtoken    = $ENV{'form.logtoken'};
                    354:     # Check for empty data 
1.4       matthew   355:     unless (defined($currentpass) && 
                    356: 	    defined($newpass1)    && 
                    357: 	    defined($newpass2)    ){
                    358: 	&passwordchanger($r,"<p>\n<font color='#ff0000'>ERROR</font>".
                    359: 			 "Password data was blank.\n</p>");
1.3       matthew   360: 	return;
                    361:     }
                    362:     # Get the keys
                    363:     my $lonhost = $r->dir_config('lonHostID');
                    364:     my $tmpinfo = Apache::lonnet::reply('tmpget:'.$logtoken,$lonhost);
                    365:     if (($tmpinfo=~/^error/) || ($tmpinfo eq 'con_lost')) {
1.4       matthew   366:         # I do not a have a better idea about how to handle this
1.3       matthew   367: 	$r->print(<<ENDERROR);
                    368: <p>
                    369: <font color="#ff0000">ERROR:</font> Unable to retrieve stored token for
1.4       matthew   370: password decryption.  Please log out and try again.
1.3       matthew   371: </p>
                    372: ENDERROR
1.4       matthew   373:         # Probably should log an error here
1.3       matthew   374:         return;
                    375:     }
                    376:     my ($ckey,$n1key,$n2key)=split(/&/,$tmpinfo);
1.4       matthew   377:     # 
1.3       matthew   378:     my $currentpass = &des_decrypt($ckey ,$currentpass);
                    379:     my $newpass1    = &des_decrypt($n1key,$newpass1);
                    380:     my $newpass2    = &des_decrypt($n2key,$newpass2);
1.4       matthew   381:     # 
1.3       matthew   382:     if ($newpass1 ne $newpass2) {
1.4       matthew   383: 	&passwordchanger($r,
                    384: 			 '<font color="#ff0000">ERROR:</font>'.
                    385: 			 'The new passwords you entered do not match.  '.
                    386: 			 'Please try again.');
                    387: 	return;
                    388:     }
                    389:     if (length($newpass1) < 7) {
                    390: 	&passwordchanger($r,
                    391: 			 '<font color="#ff0000">ERROR:</font>'.
                    392: 			 'Passwords must be a minimum of 7 characters long.  '.
                    393: 			 'Please try again.');
1.3       matthew   394: 	return;
                    395:     }
1.4       matthew   396:     #
                    397:     # Check for bad characters
                    398:     my $badpassword = 0;
                    399:     foreach (split(//,$newpass1)) {
                    400: 	$badpassword = 1 if ((ord($_)<32)||(ord($_)>126));
                    401:     }
                    402:     if ($badpassword) {
                    403: 	# I can't figure out how to enter bad characters on my browser.
                    404: 	&passwordchanger($r,<<ENDERROR);
                    405: <font color="#ff0000">ERROR:</font>
                    406: The password you entered contained illegal characters.<br />
                    407: Valid characters are: space and <br />
                    408: <pre>
                    409: !&quot;\#$%&amp;\'()*+,-./0123456789:;&lt;=&gt;?\@
                    410: ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_\`abcdefghijklmnopqrstuvwxyz{|}~
                    411: </pre>
                    412: ENDERROR
                    413:     }
                    414:     # 
                    415:     # Change the password (finally)
                    416:     my $result = &Apache::lonnet::changepass
                    417: 	($user,$domain,$currentpass,$newpass1,$homeserver);
                    418:     # Inform the user the password has (not?) been changed
                    419:     if ($result =~ /^ok$/) {
                    420: 	$r->print(<<"ENDTEXT");
1.9       matthew   421: <h2>The password for $user was successfully changed</h2>
1.4       matthew   422: ENDTEXT
                    423:     } else {
                    424: 	# error error: run in circles, scream and shout
                    425:         $r->print(<<ENDERROR);
1.9       matthew   426: <h2><font color="#ff0000">The password for $user was not changed</font></h2>
1.8       matthew   427: Please make sure your old password was entered correctly.
1.4       matthew   428: ENDERROR
                    429:     }
                    430:     return;
1.3       matthew   431: }
                    432: 
1.4       matthew   433: ######################################################
                    434: #            other handler subroutines               #
                    435: ######################################################
                    436: 
1.3       matthew   437: ################################################################
                    438: #                          Main handler                        #
                    439: ################################################################
1.1       www       440: sub handler {
                    441:     my $r = shift;
1.3       matthew   442:     my $user = $ENV{'user.name'};
                    443:     my $domain = $ENV{'user.domain'};
1.1       www       444:     $r->content_type('text/html');
1.4       matthew   445:     # Some pages contain DES keys and should not be cached.
                    446:     &Apache::loncommon::no_cache($r);
1.1       www       447:     $r->send_http_header;
                    448:     return OK if $r->header_only;
1.9       matthew   449:     #
1.3       matthew   450:     if ($ENV{'form.action'} eq 'changepass') {
                    451: 	&passwordchanger($r);
                    452:     } elsif ($ENV{'form.action'} eq 'verify_and_change_pass') {
                    453: 	&verify_and_change_password($r);
1.5       www       454:     } elsif ($ENV{'form.action'} eq 'changescreenname') {
                    455:         &screennamechanger($r);
1.6       www       456:     } elsif ($ENV{'form.action'} eq 'verify_and_change_screenname') {
                    457:         &verify_and_change_screenname($r);
1.12      www       458:     } elsif ($ENV{'form.action'} eq 'changemsgforward') {
                    459:         &msgforwardchanger($r);
                    460:     } elsif ($ENV{'form.action'} eq 'verify_and_change_msgforward') {
                    461:         &verify_and_change_msgforward($r);
1.3       matthew   462:     } else {
                    463: 	$r->print(<<ENDHEADER);
1.1       www       464: <html>
                    465: <head>
1.4       matthew   466: <title>LON-CAPA Preferences</title>
1.1       www       467: </head>
1.3       matthew   468: ENDHEADER
1.10      www       469:         $r->print(&Apache::loncommon::bodytag('Change Your Preferences'));
1.3       matthew   470: 	# Determine current authentication method
                    471: 	my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain);
                    472: 	if ($currentauth =~ /^(unix|internal):/) {
1.4       matthew   473: 	    $r->print(<<ENDPASSWORDFORM);
                    474: <form name="client" action="/adm/preferences" method="post">
                    475: <input type="hidden" name="action" value="changepass">
                    476: <input type="submit" value="Change password">
                    477: </form>
                    478: ENDPASSWORDFORM
1.13    ! www       479:         }
1.5       www       480: # Change screen name
                    481: 	    $r->print(<<ENDSCREENNAMEFORM);
                    482: <form name="client" action="/adm/preferences" method="post">
                    483: <input type="hidden" name="action" value="changescreenname">
                    484: <input type="submit" value="Change anonymous discussion screen name">
                    485: </form>
                    486: ENDSCREENNAMEFORM
1.12      www       487: 	    $r->print(<<ENDMSGFORWARDFORM);
                    488: <form name="client" action="/adm/preferences" method="post">
                    489: <input type="hidden" name="action" value="changemsgforward">
                    490: <input type="submit" value="Change message forwarding address">
                    491: </form>
                    492: ENDMSGFORWARDFORM
1.11      www       493: # The "about me" page
                    494:             my $aboutmeaction=
                    495:         '/adm/'.$ENV{'user.domain'}.'/'.$ENV{'user.name'}.'/aboutme';
                    496: 	    $r->print(<<ENDABOUTME);
                    497: <form name="client" action="$aboutmeaction" method="post">
                    498: <input type="hidden" name="action" value="changescreenname">
                    499: <input type="submit" value="Edit the 'About Me' Personal Information Screen">
                    500: </form>
                    501: ENDABOUTME
1.4       matthew   502:             # Other preference setting code should be added here
1.3       matthew   503:     }
                    504:     $r->print(<<ENDFOOTER);
1.1       www       505: </body>
                    506: </html>
1.3       matthew   507: ENDFOOTER
1.1       www       508:     return OK;
1.13    ! www       509: }
1.1       www       510: 
                    511: 1;
                    512: __END__

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>