Annotation of loncom/interface/lonpreferences.pm, revision 1.15
1.1 www 1: # The LearningOnline Network
2: # Preferences
3: #
1.15 ! albertel 4: # $Id: lonpreferences.pm,v 1.14 2002/09/13 19:32:09 www Exp $
1.2 albertel 5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
1.1 www 28: # (Internal Server Error Handler
29: #
30: # (Login Screen
31: # 5/21/99,5/22,5/25,5/26,5/31,6/2,6/10,7/12,7/14,
32: # 1/14/00,5/29,5/30,6/1,6/29,7/1,11/9 Gerd Kortemeyer)
33: #
34: # 3/1/1 Gerd Kortemeyer)
35: #
36: # 3/1 Gerd Kortemeyer
37: #
1.3 matthew 38: # 2/13/02 2/14 2/15 Matthew Hall
39: #
40: # This package uses the "londes.js" javascript code.
41: #
42: # TODOs that have to be completed:
43: # interface with lonnet to change the password
44:
1.1 www 45: package Apache::lonpreferences;
46:
47: use strict;
48: use Apache::Constants qw(:common);
1.3 matthew 49: use Apache::File;
50: use Crypt::DES;
51: use DynaLoader; # for Crypt::DES version
1.4 matthew 52: use Apache::loncommon();
1.3 matthew 53:
54: #
55: # Write lonnet::passwd to do the call below.
56: # Use:
57: # my $answer=reply("encrypt:passwd:$udom:$uname:$upass",$tryserver);
58: #
59: ##################################################
60: # password associated functions #
61: ##################################################
62: sub des_keys {
1.4 matthew 63: # Make a new key for DES encryption.
64: # Each key has two parts which are returned seperately.
65: # Please note: Each key must be passed through the &hex function
66: # before it is output to the web browser. The hex versions cannot
67: # be used to decrypt.
1.3 matthew 68: my @hexstr=('0','1','2','3','4','5','6','7',
69: '8','9','a','b','c','d','e','f');
70: my $lkey='';
71: for (0..7) {
72: $lkey.=$hexstr[rand(15)];
73: }
74: my $ukey='';
75: for (0..7) {
76: $ukey.=$hexstr[rand(15)];
77: }
78: return ($lkey,$ukey);
79: }
80:
81: sub des_decrypt {
82: my ($key,$cyphertext) = @_;
83: my $keybin=pack("H16",$key);
84: my $cypher;
85: if ($Crypt::DES::VERSION>=2.03) {
86: $cypher=new Crypt::DES $keybin;
87: } else {
88: $cypher=new DES $keybin;
89: }
90: my $plaintext=
91: $cypher->decrypt(unpack("a8",pack("H16",substr($cyphertext,0,16))));
92: $plaintext.=
93: $cypher->decrypt(unpack("a8",pack("H16",substr($cyphertext,16,16))));
1.4 matthew 94: $plaintext=substr($plaintext,1,ord(substr($plaintext,0,1)) );
1.3 matthew 95: return $plaintext;
96: }
97:
1.4 matthew 98: ################################################################
99: # Handler subroutines #
100: ################################################################
1.9 matthew 101:
102: ################################################################
103: # Anonymous Discussion Name Change Subroutines #
104: ################################################################
1.5 www 105: sub screennamechanger {
106: my $r = shift;
107: my $user = $ENV{'user.name'};
108: my $domain = $ENV{'user.domain'};
1.14 www 109: my %userenv = &Apache::lonnet::get
110: ('environment',['screenname','nickname']);
1.6 www 111: my $screenname=$userenv{'screenname'};
1.14 www 112: my $nickname=$userenv{'nickname'};
1.10 www 113: my $bodytag=&Apache::loncommon::bodytag(
1.14 www 114: 'Change Your Nickname and Anonymous Screen Name');
1.5 www 115: $r->print(<<ENDSCREEN);
116: <html>
1.10 www 117: $bodytag
118:
1.6 www 119: <form name="server" action="/adm/preferences" method="post">
120: <input type="hidden" name="action" value="verify_and_change_screenname" />
1.14 www 121: <br />New screenname (shown if you post anonymously):
1.6 www 122: <input type="text" size="20" value="$screenname" name="screenname" />
1.14 www 123: <br />New nickname (shown if you post non-anonymously):
124: <input type="text" size="20" value="$nickname" name="nickname" />
1.6 www 125: <input type="submit" value="Change" />
126: </form>
1.5 www 127: </body>
128: </html>
129: ENDSCREEN
130: }
1.6 www 131:
132: sub verify_and_change_screenname {
133: my $r = shift;
134: my $user = $ENV{'user.name'};
135: my $domain = $ENV{'user.domain'};
1.14 www 136: # Screenname
1.6 www 137: my $newscreen = $ENV{'form.screenname'};
1.14 www 138: $newscreen=~s/[^ \w]//g;
1.6 www 139: my $message='';
140: if ($newscreen) {
1.7 www 141: &Apache::lonnet::put('environment',{'screenname' => $newscreen});
142: &Apache::lonnet::appenv('environment.screenname' => $newscreen);
1.6 www 143: $message='Set new screenname to '.$newscreen;
144: } else {
145: &Apache::lonnet::del('environment',['screenname']);
1.7 www 146: &Apache::lonnet::delenv('environment\.screenname');
1.6 www 147: $message='Reset screenname';
148: }
1.14 www 149: # Nickname
150: $message.='<br />';
151: my $newscreen = $ENV{'form.nickname'};
152: $newscreen=~s/[^ \w]//g;
153: if ($newscreen) {
154: &Apache::lonnet::put('environment',{'nickname' => $newscreen});
155: &Apache::lonnet::appenv('environment.nickname' => $newscreen);
156: $message.='Set new nickname to '.$newscreen;
157: } else {
158: &Apache::lonnet::del('environment',['nickname']);
159: &Apache::lonnet::delenv('environment\.nickname');
160: $message.='Reset nickname';
161: }
162:
1.10 www 163: my $bodytag=&Apache::loncommon::bodytag(
1.14 www 164: 'Change Your Nickname and Anonymous Screen Name');
1.6 www 165: $r->print(<<ENDVCSCREEN);
166: <html>
1.10 www 167: $bodytag
1.6 www 168: </p>
169: $message
170: </body></html>
171: ENDVCSCREEN
172: }
173:
1.12 www 174: ################################################################
175: # Message Forward #
176: ################################################################
177:
178: sub msgforwardchanger {
179: my $r = shift;
180: my $user = $ENV{'user.name'};
181: my $domain = $ENV{'user.domain'};
182: my %userenv = &Apache::lonnet::get('environment',['msgforward']);
183: my $msgforward=$userenv{'msgforward'};
184: my $bodytag=&Apache::loncommon::bodytag(
185: 'Change Your Message Forwarding');
186: $r->print(<<ENDMSG);
187: <html>
188: $bodytag
189:
190: <form name="server" action="/adm/preferences" method="post">
191: <input type="hidden" name="action" value="verify_and_change_msgforward" />
192: New Forwarding Address(es) (<tt>user:domain,user:domain,...</tt>):
193: <input type="text" size="40" value="$msgforward" name="msgforward" />
194: <input type="submit" value="Change" />
195: </form>
196: </body>
197: </html>
198: ENDMSG
199: }
200:
201: sub verify_and_change_msgforward {
202: my $r = shift;
203: my $user = $ENV{'user.name'};
204: my $domain = $ENV{'user.domain'};
205: my $newscreen = '';
206: my $message='';
207: foreach (split(/\,/,$ENV{'form.msgforward'})) {
208: my ($msuser,$msdomain)=split(/[\@\:]/,$_);
209: $msuser=~s/\W//g;
210: $msdomain=~s/\W//g;
211: if (($msuser) && ($msdomain)) {
212: if (&Apache::lonnet::homeserver($msuser,$msdomain) ne 'no_host') {
213: $newscreen.=$msuser.':'.$msdomain.',';
214: } else {
215: $message.='No such user: '.$msuser.':'.$msdomain.'<br>';
216: }
217: }
218: }
219: $newscreen=~s/\,$//;
220: if ($newscreen) {
221: &Apache::lonnet::put('environment',{'msgforward' => $newscreen});
222: &Apache::lonnet::appenv('environment.msgforward' => $newscreen);
223: $message.='Set new message forwarding to '.$newscreen;
224: } else {
225: &Apache::lonnet::del('environment',['msgforward']);
226: &Apache::lonnet::delenv('environment\.msgforward');
227: $message.='Reset message forwarding';
228: }
229: my $bodytag=&Apache::loncommon::bodytag(
230: 'Change Your Message Forwarding');
231: $r->print(<<ENDVCMSG);
232: <html>
233: $bodytag
234: </p>
235: $message
236: </body></html>
237: ENDVCMSG
238: }
239:
1.4 matthew 240: ######################################################
241: # password handler subroutines #
242: ######################################################
1.3 matthew 243: sub passwordchanger {
1.4 matthew 244: # This function is a bit of a mess....
1.3 matthew 245: # Passwords are encrypted using londes.js (DES encryption)
246: my $r = shift;
1.4 matthew 247: my $errormessage = shift;
248: $errormessage = ($errormessage || '');
1.3 matthew 249: my $user = $ENV{'user.name'};
250: my $domain = $ENV{'user.domain'};
251: my $homeserver = $ENV{'user.home'};
252: my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain);
253: # Check for authentication types that allow changing of the password.
254: return if ($currentauth !~ /^(unix|internal):/);
255: #
256: # Generate keys
257: my ($lkey_cpass ,$ukey_cpass ) = &des_keys();
258: my ($lkey_npass1,$ukey_npass1) = &des_keys();
259: my ($lkey_npass2,$ukey_npass2) = &des_keys();
1.4 matthew 260: # Store the keys in the log files
1.3 matthew 261: my $lonhost = $r->dir_config('lonHostID');
262: my $logtoken=Apache::lonnet::reply('tmpput:'
263: .$ukey_cpass . $lkey_cpass .'&'
264: .$ukey_npass1 . $lkey_npass1.'&'
265: .$ukey_npass2 . $lkey_npass2,
266: $lonhost);
1.4 matthew 267: # Hexify the keys for output as javascript variables
1.3 matthew 268: $ukey_cpass = hex($ukey_cpass);
269: $lkey_cpass = hex($lkey_cpass);
270: $ukey_npass1= hex($ukey_npass1);
271: $lkey_npass1= hex($lkey_npass1);
272: $ukey_npass2= hex($ukey_npass2);
273: $lkey_npass2= hex($lkey_npass2);
274: # Output javascript to deal with passwords
1.4 matthew 275: # Output DES javascript
1.9 matthew 276: $r->print("<html><head>");
1.3 matthew 277: {
278: my $include = $r->dir_config('lonIncludes');
279: my $jsh=Apache::File->new($include."/londes.js");
280: $r->print(<$jsh>);
281: }
1.10 www 282: my $bodytag=&Apache::loncommon::bodytag('Change Password','',
283: 'onLoad="init();"');
1.3 matthew 284: $r->print(<<ENDFORM);
1.9 matthew 285: </head>
1.10 www 286: $bodytag
1.1 www 287:
1.3 matthew 288: <script language="JavaScript">
289:
290: function send() {
291: uextkey=this.document.client.elements.ukey_cpass.value;
292: lextkey=this.document.client.elements.lkey_cpass.value;
293: initkeys();
294:
295: this.document.server.elements.currentpass.value
296: =crypted(this.document.client.elements.currentpass.value);
297:
298: uextkey=this.document.client.elements.ukey_npass1.value;
299: lextkey=this.document.client.elements.lkey_npass1.value;
300: initkeys();
301: this.document.server.elements.newpass_1.value
302: =crypted(this.document.client.elements.newpass_1.value);
303:
304: uextkey=this.document.client.elements.ukey_npass2.value;
305: lextkey=this.document.client.elements.lkey_npass2.value;
306: initkeys();
307: this.document.server.elements.newpass_2.value
308: =crypted(this.document.client.elements.newpass_2.value);
309:
310: this.document.server.submit();
311: }
312:
313: </script>
1.4 matthew 314: $errormessage
1.10 www 315:
1.3 matthew 316: <p>
317: <!-- We seperate the forms into 'server' and 'client' in order to
318: ensure that unencrypted passwords will not be sent out by a
319: crappy browser -->
320:
321: <form name="server" action="/adm/preferences" method="post">
322: <input type="hidden" name="logtoken" value="$logtoken" />
323: <input type="hidden" name="action" value="verify_and_change_pass" />
324: <input type="hidden" name="currentpass" value="" />
1.4 matthew 325: <input type="hidden" name="newpass_1" value="" />
326: <input type="hidden" name="newpass_2" value="" />
1.3 matthew 327: </form>
328:
329: <form name="client" >
330: <table>
1.4 matthew 331: <tr><td align="right"> Current password: </td>
332: <td><input type="password" name="currentpass" size="10"/> </td></tr>
333: <tr><td align="right"> New password: </td>
334: <td><input type="password" name="newpass_1" size="10" /> </td></tr>
335: <tr><td align="right"> Confirm password: </td>
336: <td><input type="password" name="newpass_2" size="10" /> </td></tr>
1.3 matthew 337: <tr><td colspan="2" align="center">
338: <input type="button" value="Change Password" onClick="send();">
339: </table>
1.4 matthew 340: <input type="hidden" name="ukey_cpass" value="$ukey_cpass" />
341: <input type="hidden" name="lkey_cpass" value="$lkey_cpass" />
1.3 matthew 342: <input type="hidden" name="ukey_npass1" value="$ukey_npass1" />
343: <input type="hidden" name="lkey_npass1" value="$lkey_npass1" />
344: <input type="hidden" name="ukey_npass2" value="$ukey_npass2" />
345: <input type="hidden" name="lkey_npass2" value="$lkey_npass2" />
346: </form>
347: </p>
348: ENDFORM
349: #
350: return;
351: }
352:
353: sub verify_and_change_password {
354: my $r = shift;
355: my $user = $ENV{'user.name'};
356: my $domain = $ENV{'user.domain'};
357: my $homeserver = $ENV{'user.home'};
358: my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain);
1.4 matthew 359: # Check for authentication types that allow changing of the password.
360: return if ($currentauth !~ /^(unix|internal):/);
1.3 matthew 361: #
1.4 matthew 362: $r->print(<<ENDHEADER);
363: <html>
364: <head>
365: <title>LON-CAPA Preferences: Change password for $user</title>
366: </head>
367: ENDHEADER
1.3 matthew 368: #
369: my $currentpass = $ENV{'form.currentpass'};
370: my $newpass1 = $ENV{'form.newpass_1'};
371: my $newpass2 = $ENV{'form.newpass_2'};
372: my $logtoken = $ENV{'form.logtoken'};
373: # Check for empty data
1.4 matthew 374: unless (defined($currentpass) &&
375: defined($newpass1) &&
376: defined($newpass2) ){
377: &passwordchanger($r,"<p>\n<font color='#ff0000'>ERROR</font>".
378: "Password data was blank.\n</p>");
1.3 matthew 379: return;
380: }
1.15 ! albertel 381: # Get the keysecen my $lonhost = $r->dir_config('lonHostID');
1.3 matthew 382: my $tmpinfo = Apache::lonnet::reply('tmpget:'.$logtoken,$lonhost);
383: if (($tmpinfo=~/^error/) || ($tmpinfo eq 'con_lost')) {
1.4 matthew 384: # I do not a have a better idea about how to handle this
1.3 matthew 385: $r->print(<<ENDERROR);
386: <p>
387: <font color="#ff0000">ERROR:</font> Unable to retrieve stored token for
1.4 matthew 388: password decryption. Please log out and try again.
1.3 matthew 389: </p>
390: ENDERROR
1.4 matthew 391: # Probably should log an error here
1.3 matthew 392: return;
393: }
394: my ($ckey,$n1key,$n2key)=split(/&/,$tmpinfo);
1.4 matthew 395: #
1.3 matthew 396: my $currentpass = &des_decrypt($ckey ,$currentpass);
397: my $newpass1 = &des_decrypt($n1key,$newpass1);
398: my $newpass2 = &des_decrypt($n2key,$newpass2);
1.4 matthew 399: #
1.3 matthew 400: if ($newpass1 ne $newpass2) {
1.4 matthew 401: &passwordchanger($r,
402: '<font color="#ff0000">ERROR:</font>'.
403: 'The new passwords you entered do not match. '.
404: 'Please try again.');
405: return;
406: }
407: if (length($newpass1) < 7) {
408: &passwordchanger($r,
409: '<font color="#ff0000">ERROR:</font>'.
410: 'Passwords must be a minimum of 7 characters long. '.
411: 'Please try again.');
1.3 matthew 412: return;
413: }
1.4 matthew 414: #
415: # Check for bad characters
416: my $badpassword = 0;
417: foreach (split(//,$newpass1)) {
418: $badpassword = 1 if ((ord($_)<32)||(ord($_)>126));
419: }
420: if ($badpassword) {
421: # I can't figure out how to enter bad characters on my browser.
422: &passwordchanger($r,<<ENDERROR);
423: <font color="#ff0000">ERROR:</font>
424: The password you entered contained illegal characters.<br />
425: Valid characters are: space and <br />
426: <pre>
427: !"\#$%&\'()*+,-./0123456789:;<=>?\@
428: ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_\`abcdefghijklmnopqrstuvwxyz{|}~
429: </pre>
430: ENDERROR
431: }
432: #
433: # Change the password (finally)
434: my $result = &Apache::lonnet::changepass
435: ($user,$domain,$currentpass,$newpass1,$homeserver);
436: # Inform the user the password has (not?) been changed
437: if ($result =~ /^ok$/) {
438: $r->print(<<"ENDTEXT");
1.9 matthew 439: <h2>The password for $user was successfully changed</h2>
1.4 matthew 440: ENDTEXT
441: } else {
442: # error error: run in circles, scream and shout
443: $r->print(<<ENDERROR);
1.9 matthew 444: <h2><font color="#ff0000">The password for $user was not changed</font></h2>
1.8 matthew 445: Please make sure your old password was entered correctly.
1.4 matthew 446: ENDERROR
447: }
448: return;
1.3 matthew 449: }
450:
1.4 matthew 451: ######################################################
452: # other handler subroutines #
453: ######################################################
454:
1.3 matthew 455: ################################################################
456: # Main handler #
457: ################################################################
1.1 www 458: sub handler {
459: my $r = shift;
1.3 matthew 460: my $user = $ENV{'user.name'};
461: my $domain = $ENV{'user.domain'};
1.1 www 462: $r->content_type('text/html');
1.4 matthew 463: # Some pages contain DES keys and should not be cached.
464: &Apache::loncommon::no_cache($r);
1.1 www 465: $r->send_http_header;
466: return OK if $r->header_only;
1.9 matthew 467: #
1.3 matthew 468: if ($ENV{'form.action'} eq 'changepass') {
469: &passwordchanger($r);
470: } elsif ($ENV{'form.action'} eq 'verify_and_change_pass') {
471: &verify_and_change_password($r);
1.5 www 472: } elsif ($ENV{'form.action'} eq 'changescreenname') {
473: &screennamechanger($r);
1.6 www 474: } elsif ($ENV{'form.action'} eq 'verify_and_change_screenname') {
475: &verify_and_change_screenname($r);
1.12 www 476: } elsif ($ENV{'form.action'} eq 'changemsgforward') {
477: &msgforwardchanger($r);
478: } elsif ($ENV{'form.action'} eq 'verify_and_change_msgforward') {
479: &verify_and_change_msgforward($r);
1.15 ! albertel 480: } elsif ($ENV{'form.action'} eq 'debugtoggle') {
! 481: if ($ENV{'user.name'} eq 'albertel' ) {
! 482: if ($ENV{'user.debug'}) {
! 483: &Apache::lonnet::delenv('user\.debug');
! 484: } else {
! 485: &Apache::lonnet::appenv('user.debug' => 1);
! 486: }
! 487: }
1.3 matthew 488: } else {
489: $r->print(<<ENDHEADER);
1.1 www 490: <html>
491: <head>
1.4 matthew 492: <title>LON-CAPA Preferences</title>
1.1 www 493: </head>
1.3 matthew 494: ENDHEADER
1.10 www 495: $r->print(&Apache::loncommon::bodytag('Change Your Preferences'));
1.3 matthew 496: # Determine current authentication method
497: my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain);
498: if ($currentauth =~ /^(unix|internal):/) {
1.4 matthew 499: $r->print(<<ENDPASSWORDFORM);
500: <form name="client" action="/adm/preferences" method="post">
1.14 www 501: <input type="hidden" name="action" value="changepass" />
502: <input type="submit" value="Change password" />
1.4 matthew 503: </form>
504: ENDPASSWORDFORM
1.13 www 505: }
1.5 www 506: # Change screen name
507: $r->print(<<ENDSCREENNAMEFORM);
508: <form name="client" action="/adm/preferences" method="post">
1.14 www 509: <input type="hidden" name="action" value="changescreenname" />
510: <input type="submit"
511: value="Change nickname and anonymous discussion screen name" />
1.5 www 512: </form>
513: ENDSCREENNAMEFORM
1.12 www 514: $r->print(<<ENDMSGFORWARDFORM);
515: <form name="client" action="/adm/preferences" method="post">
1.14 www 516: <input type="hidden" name="action" value="changemsgforward" />
517: <input type="submit" value="Change message forwarding address" />
1.12 www 518: </form>
519: ENDMSGFORWARDFORM
1.11 www 520: # The "about me" page
1.15 ! albertel 521: my $aboutmeaction=
! 522: '/adm/'.$ENV{'user.domain'}.'/'.$ENV{'user.name'}.'/aboutme';
! 523: $r->print(<<ENDABOUTME);
1.11 www 524: <form name="client" action="$aboutmeaction" method="post">
1.14 www 525: <input type="hidden" name="action" value="changescreenname" />
526: <input type="submit" value="Edit the 'About Me' Personal Information Screen" />
1.11 www 527: </form>
528: ENDABOUTME
1.15 ! albertel 529: if ($ENV{'user.name'} eq 'albertel') {
! 530: $r->print(<<ENDDEBUG);
! 531: <form name="client" action="/adm/preferences" method="post">
! 532: <input type="hidden" name="action" value="debugtoggle" />
! 533: <input type="submit" value="Toggle Debug" />
! 534: Current Debug status is -$ENV{'user.debug'}-.
! 535: </form>
! 536: ENDDEBUG
! 537: }
! 538: # Other preference setting code should be added here
1.3 matthew 539: }
540: $r->print(<<ENDFOOTER);
1.1 www 541: </body>
542: </html>
1.3 matthew 543: ENDFOOTER
1.1 www 544: return OK;
1.13 www 545: }
1.1 www 546:
547: 1;
548: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>