Annotation of loncom/interface/lonpreferences.pm, revision 1.9
1.1 www 1: # The LearningOnline Network
2: # Preferences
3: #
1.9 ! matthew 4: # $Id: lonpreferences.pm,v 1.8 2002/04/30 14:03:52 matthew Exp $
1.2 albertel 5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
1.1 www 28: # (Internal Server Error Handler
29: #
30: # (Login Screen
31: # 5/21/99,5/22,5/25,5/26,5/31,6/2,6/10,7/12,7/14,
32: # 1/14/00,5/29,5/30,6/1,6/29,7/1,11/9 Gerd Kortemeyer)
33: #
34: # 3/1/1 Gerd Kortemeyer)
35: #
36: # 3/1 Gerd Kortemeyer
37: #
1.3 matthew 38: # 2/13/02 2/14 2/15 Matthew Hall
39: #
40: # This package uses the "londes.js" javascript code.
41: #
42: # TODOs that have to be completed:
43: # interface with lonnet to change the password
44:
1.1 www 45: package Apache::lonpreferences;
46:
47: use strict;
48: use Apache::Constants qw(:common);
1.3 matthew 49: use Apache::File;
50: use Crypt::DES;
51: use DynaLoader; # for Crypt::DES version
1.4 matthew 52: use Apache::loncommon();
1.3 matthew 53:
54: #
55: # Write lonnet::passwd to do the call below.
56: # Use:
57: # my $answer=reply("encrypt:passwd:$udom:$uname:$upass",$tryserver);
58: #
59: ##################################################
60: # password associated functions #
61: ##################################################
62: sub des_keys {
1.4 matthew 63: # Make a new key for DES encryption.
64: # Each key has two parts which are returned seperately.
65: # Please note: Each key must be passed through the &hex function
66: # before it is output to the web browser. The hex versions cannot
67: # be used to decrypt.
1.3 matthew 68: my @hexstr=('0','1','2','3','4','5','6','7',
69: '8','9','a','b','c','d','e','f');
70: my $lkey='';
71: for (0..7) {
72: $lkey.=$hexstr[rand(15)];
73: }
74: my $ukey='';
75: for (0..7) {
76: $ukey.=$hexstr[rand(15)];
77: }
78: return ($lkey,$ukey);
79: }
80:
81: sub des_decrypt {
82: my ($key,$cyphertext) = @_;
83: my $keybin=pack("H16",$key);
84: my $cypher;
85: if ($Crypt::DES::VERSION>=2.03) {
86: $cypher=new Crypt::DES $keybin;
87: } else {
88: $cypher=new DES $keybin;
89: }
90: my $plaintext=
91: $cypher->decrypt(unpack("a8",pack("H16",substr($cyphertext,0,16))));
92: $plaintext.=
93: $cypher->decrypt(unpack("a8",pack("H16",substr($cyphertext,16,16))));
1.4 matthew 94: $plaintext=substr($plaintext,1,ord(substr($plaintext,0,1)) );
1.3 matthew 95: return $plaintext;
96: }
97:
1.4 matthew 98: ################################################################
99: # Handler subroutines #
100: ################################################################
1.9 ! matthew 101:
! 102: ################################################################
! 103: # Anonymous Discussion Name Change Subroutines #
! 104: ################################################################
1.5 www 105: sub screennamechanger {
106: my $r = shift;
107: my $user = $ENV{'user.name'};
108: my $domain = $ENV{'user.domain'};
1.6 www 109: my %userenv = &Apache::lonnet::get('environment',['screenname']);
110: my $screenname=$userenv{'screenname'};
1.5 www 111: $r->print(<<ENDSCREEN);
112: <html>
113: <body bgcolor="#FFFFFF">
114: <h1>Preferences for $user</h1>
115: <h3>$user is a member of domain $domain</h3>
116: <p>
117: Change anonymous discussion screen name for $user
118: </p>
1.6 www 119: <form name="server" action="/adm/preferences" method="post">
120: <input type="hidden" name="action" value="verify_and_change_screenname" />
121: New screenname:
122: <input type="text" size="20" value="$screenname" name="screenname" />
123: <input type="submit" value="Change" />
124: </form>
1.5 www 125: </body>
126: </html>
127: ENDSCREEN
128: }
1.6 www 129:
130: sub verify_and_change_screenname {
131: my $r = shift;
132: my $user = $ENV{'user.name'};
133: my $domain = $ENV{'user.domain'};
134: my $newscreen = $ENV{'form.screenname'};
135: $newscreen=~s/\W//g;
136: my $message='';
137: if ($newscreen) {
1.7 www 138: &Apache::lonnet::put('environment',{'screenname' => $newscreen});
139: &Apache::lonnet::appenv('environment.screenname' => $newscreen);
1.6 www 140: $message='Set new screenname to '.$newscreen;
141: } else {
142: &Apache::lonnet::del('environment',['screenname']);
1.7 www 143: &Apache::lonnet::delenv('environment\.screenname');
1.6 www 144: $message='Reset screenname';
145: }
146: $r->print(<<ENDVCSCREEN);
147: <html>
148: <body bgcolor="#FFFFFF">
149: <h1>Preferences for $user</h1>
150: <h3>$user is a member of domain $domain</h3>
151: <p>
152: Change anonymous discussion screen name for $user
153: </p>
154: $message
155: </body></html>
156: ENDVCSCREEN
157: }
158:
1.4 matthew 159: ######################################################
160: # password handler subroutines #
161: ######################################################
1.3 matthew 162: sub passwordchanger {
1.4 matthew 163: # This function is a bit of a mess....
1.3 matthew 164: # Passwords are encrypted using londes.js (DES encryption)
165: my $r = shift;
1.4 matthew 166: my $errormessage = shift;
167: $errormessage = ($errormessage || '');
1.3 matthew 168: my $user = $ENV{'user.name'};
169: my $domain = $ENV{'user.domain'};
170: my $homeserver = $ENV{'user.home'};
171: my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain);
172: # Check for authentication types that allow changing of the password.
173: return if ($currentauth !~ /^(unix|internal):/);
174: #
175: # Generate keys
176: my ($lkey_cpass ,$ukey_cpass ) = &des_keys();
177: my ($lkey_npass1,$ukey_npass1) = &des_keys();
178: my ($lkey_npass2,$ukey_npass2) = &des_keys();
1.4 matthew 179: # Store the keys in the log files
1.3 matthew 180: my $lonhost = $r->dir_config('lonHostID');
181: my $logtoken=Apache::lonnet::reply('tmpput:'
182: .$ukey_cpass . $lkey_cpass .'&'
183: .$ukey_npass1 . $lkey_npass1.'&'
184: .$ukey_npass2 . $lkey_npass2,
185: $lonhost);
1.4 matthew 186: # Hexify the keys for output as javascript variables
1.3 matthew 187: $ukey_cpass = hex($ukey_cpass);
188: $lkey_cpass = hex($lkey_cpass);
189: $ukey_npass1= hex($ukey_npass1);
190: $lkey_npass1= hex($lkey_npass1);
191: $ukey_npass2= hex($ukey_npass2);
192: $lkey_npass2= hex($lkey_npass2);
193: # Output javascript to deal with passwords
1.4 matthew 194: # Output DES javascript
1.9 ! matthew 195: $r->print("<html><head>");
1.3 matthew 196: {
197: my $include = $r->dir_config('lonIncludes');
198: my $jsh=Apache::File->new($include."/londes.js");
199: $r->print(<$jsh>);
200: }
201: $r->print(<<ENDFORM);
1.9 ! matthew 202: </head>
1.3 matthew 203: <body bgcolor="#FFFFFF" onLoad="init();">
1.1 www 204:
1.3 matthew 205: <script language="JavaScript">
206:
207: function send() {
208: uextkey=this.document.client.elements.ukey_cpass.value;
209: lextkey=this.document.client.elements.lkey_cpass.value;
210: initkeys();
211:
212: this.document.server.elements.currentpass.value
213: =crypted(this.document.client.elements.currentpass.value);
214:
215: uextkey=this.document.client.elements.ukey_npass1.value;
216: lextkey=this.document.client.elements.lkey_npass1.value;
217: initkeys();
218: this.document.server.elements.newpass_1.value
219: =crypted(this.document.client.elements.newpass_1.value);
220:
221: uextkey=this.document.client.elements.ukey_npass2.value;
222: lextkey=this.document.client.elements.lkey_npass2.value;
223: initkeys();
224: this.document.server.elements.newpass_2.value
225: =crypted(this.document.client.elements.newpass_2.value);
226:
227: this.document.server.submit();
228: }
229:
230: </script>
231: <h1>Preferences for $user</h1>
232: <h3>$user is a member of domain $domain</h3>
1.4 matthew 233: $errormessage
1.3 matthew 234: <p>
235: Change password for $user
236: </p>
237: <p>
238: <!-- We seperate the forms into 'server' and 'client' in order to
239: ensure that unencrypted passwords will not be sent out by a
240: crappy browser -->
241:
242: <form name="server" action="/adm/preferences" method="post">
243: <input type="hidden" name="logtoken" value="$logtoken" />
244: <input type="hidden" name="action" value="verify_and_change_pass" />
245: <input type="hidden" name="currentpass" value="" />
1.4 matthew 246: <input type="hidden" name="newpass_1" value="" />
247: <input type="hidden" name="newpass_2" value="" />
1.3 matthew 248: </form>
249:
250: <form name="client" >
251: <table>
1.4 matthew 252: <tr><td align="right"> Current password: </td>
253: <td><input type="password" name="currentpass" size="10"/> </td></tr>
254: <tr><td align="right"> New password: </td>
255: <td><input type="password" name="newpass_1" size="10" /> </td></tr>
256: <tr><td align="right"> Confirm password: </td>
257: <td><input type="password" name="newpass_2" size="10" /> </td></tr>
1.3 matthew 258: <tr><td colspan="2" align="center">
259: <input type="button" value="Change Password" onClick="send();">
260: </table>
1.4 matthew 261: <input type="hidden" name="ukey_cpass" value="$ukey_cpass" />
262: <input type="hidden" name="lkey_cpass" value="$lkey_cpass" />
1.3 matthew 263: <input type="hidden" name="ukey_npass1" value="$ukey_npass1" />
264: <input type="hidden" name="lkey_npass1" value="$lkey_npass1" />
265: <input type="hidden" name="ukey_npass2" value="$ukey_npass2" />
266: <input type="hidden" name="lkey_npass2" value="$lkey_npass2" />
267: </form>
268: </p>
269: ENDFORM
270: #
271: return;
272: }
273:
274: sub verify_and_change_password {
275: my $r = shift;
276: my $user = $ENV{'user.name'};
277: my $domain = $ENV{'user.domain'};
278: my $homeserver = $ENV{'user.home'};
279: my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain);
1.4 matthew 280: # Check for authentication types that allow changing of the password.
281: return if ($currentauth !~ /^(unix|internal):/);
1.3 matthew 282: #
1.4 matthew 283: $r->print(<<ENDHEADER);
284: <html>
285: <head>
286: <title>LON-CAPA Preferences: Change password for $user</title>
287: </head>
288: ENDHEADER
1.3 matthew 289: #
290: my $currentpass = $ENV{'form.currentpass'};
291: my $newpass1 = $ENV{'form.newpass_1'};
292: my $newpass2 = $ENV{'form.newpass_2'};
293: my $logtoken = $ENV{'form.logtoken'};
294: # Check for empty data
1.4 matthew 295: unless (defined($currentpass) &&
296: defined($newpass1) &&
297: defined($newpass2) ){
298: &passwordchanger($r,"<p>\n<font color='#ff0000'>ERROR</font>".
299: "Password data was blank.\n</p>");
1.3 matthew 300: return;
301: }
302: # Get the keys
303: my $lonhost = $r->dir_config('lonHostID');
304: my $tmpinfo = Apache::lonnet::reply('tmpget:'.$logtoken,$lonhost);
305: if (($tmpinfo=~/^error/) || ($tmpinfo eq 'con_lost')) {
1.4 matthew 306: # I do not a have a better idea about how to handle this
1.3 matthew 307: $r->print(<<ENDERROR);
308: <p>
309: <font color="#ff0000">ERROR:</font> Unable to retrieve stored token for
1.4 matthew 310: password decryption. Please log out and try again.
1.3 matthew 311: </p>
312: ENDERROR
1.4 matthew 313: # Probably should log an error here
1.3 matthew 314: return;
315: }
316: my ($ckey,$n1key,$n2key)=split(/&/,$tmpinfo);
1.4 matthew 317: #
1.3 matthew 318: my $currentpass = &des_decrypt($ckey ,$currentpass);
319: my $newpass1 = &des_decrypt($n1key,$newpass1);
320: my $newpass2 = &des_decrypt($n2key,$newpass2);
1.4 matthew 321: #
1.3 matthew 322: if ($newpass1 ne $newpass2) {
1.4 matthew 323: &passwordchanger($r,
324: '<font color="#ff0000">ERROR:</font>'.
325: 'The new passwords you entered do not match. '.
326: 'Please try again.');
327: return;
328: }
329: if (length($newpass1) < 7) {
330: &passwordchanger($r,
331: '<font color="#ff0000">ERROR:</font>'.
332: 'Passwords must be a minimum of 7 characters long. '.
333: 'Please try again.');
1.3 matthew 334: return;
335: }
1.4 matthew 336: #
337: # Check for bad characters
338: my $badpassword = 0;
339: foreach (split(//,$newpass1)) {
340: $badpassword = 1 if ((ord($_)<32)||(ord($_)>126));
341: }
342: if ($badpassword) {
343: # I can't figure out how to enter bad characters on my browser.
344: &passwordchanger($r,<<ENDERROR);
345: <font color="#ff0000">ERROR:</font>
346: The password you entered contained illegal characters.<br />
347: Valid characters are: space and <br />
348: <pre>
349: !"\#$%&\'()*+,-./0123456789:;<=>?\@
350: ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_\`abcdefghijklmnopqrstuvwxyz{|}~
351: </pre>
352: ENDERROR
353: }
354: #
355: # Change the password (finally)
356: my $result = &Apache::lonnet::changepass
357: ($user,$domain,$currentpass,$newpass1,$homeserver);
358: # Inform the user the password has (not?) been changed
359: if ($result =~ /^ok$/) {
360: $r->print(<<"ENDTEXT");
1.9 ! matthew 361: <h2>The password for $user was successfully changed</h2>
1.4 matthew 362: ENDTEXT
363: } else {
364: # error error: run in circles, scream and shout
365: $r->print(<<ENDERROR);
1.9 ! matthew 366: <h2><font color="#ff0000">The password for $user was not changed</font></h2>
1.8 matthew 367: Please make sure your old password was entered correctly.
1.4 matthew 368: ENDERROR
369: }
370: return;
1.3 matthew 371: }
372:
1.4 matthew 373: ######################################################
374: # other handler subroutines #
375: ######################################################
376:
1.3 matthew 377: ################################################################
378: # Main handler #
379: ################################################################
1.1 www 380: sub handler {
381: my $r = shift;
1.3 matthew 382: my $user = $ENV{'user.name'};
383: my $domain = $ENV{'user.domain'};
1.1 www 384: $r->content_type('text/html');
1.4 matthew 385: # Some pages contain DES keys and should not be cached.
386: &Apache::loncommon::no_cache($r);
1.1 www 387: $r->send_http_header;
388: return OK if $r->header_only;
1.9 ! matthew 389: #
1.3 matthew 390: if ($ENV{'form.action'} eq 'changepass') {
391: &passwordchanger($r);
392: } elsif ($ENV{'form.action'} eq 'verify_and_change_pass') {
393: &verify_and_change_password($r);
1.5 www 394: } elsif ($ENV{'form.action'} eq 'changescreenname') {
395: &screennamechanger($r);
1.6 www 396: } elsif ($ENV{'form.action'} eq 'verify_and_change_screenname') {
397: &verify_and_change_screenname($r);
1.3 matthew 398: } else {
399: $r->print(<<ENDHEADER);
1.1 www 400: <html>
401: <head>
1.4 matthew 402: <title>LON-CAPA Preferences</title>
1.1 www 403: </head>
1.3 matthew 404: <body bgcolor="#FFFFFF" >
405: <h1>Preferences for $user</h1>
406: <h3>$user is a member of domain $domain</h3>
407: ENDHEADER
408: # Determine current authentication method
409: my $currentauth=&Apache::lonnet::queryauthenticate($user,$domain);
410: if ($currentauth =~ /^(unix|internal):/) {
1.4 matthew 411: $r->print(<<ENDPASSWORDFORM);
412: <form name="client" action="/adm/preferences" method="post">
413: <input type="hidden" name="action" value="changepass">
414: <input type="submit" value="Change password">
415: </form>
416: ENDPASSWORDFORM
1.5 www 417: # Change screen name
418: $r->print(<<ENDSCREENNAMEFORM);
419: <form name="client" action="/adm/preferences" method="post">
420: <input type="hidden" name="action" value="changescreenname">
421: <input type="submit" value="Change anonymous discussion screen name">
422: </form>
423: ENDSCREENNAMEFORM
1.4 matthew 424: # Other preference setting code should be added here
1.3 matthew 425: }
426: }
427: $r->print(<<ENDFOOTER);
1.1 www 428: </body>
429: </html>
1.3 matthew 430: ENDFOOTER
1.1 www 431: return OK;
432: }
433:
434: 1;
435: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to lonpreferences.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / interface