--- loncom/interface/resetpw.pm 2019/04/24 01:44:30 1.44
+++ loncom/interface/resetpw.pm 2020/02/09 04:43:20 1.47
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Allow access to password changing via a token sent to user's e-mail.
#
-# $Id: resetpw.pm,v 1.44 2019/04/24 01:44:30 raeburn Exp $
+# $Id: resetpw.pm,v 1.47 2020/02/09 04:43:20 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -305,7 +305,7 @@ END
my $earlyout;
unless ($passwdconf{'captcha'} eq 'unused') {
my ($captcha_chk,$captcha_error) =
- &Apache::loncommon::captcha_response('passwords',$server);
+ &Apache::loncommon::captcha_response('passwords',$server,$dom_in_effect);
if ($captcha_chk != 1) {
my $error = 'captcha';
if ($passwdconf{'captcha'} eq 'recaptcha') {
@@ -359,7 +359,7 @@ END
}
foreach my $item (@items) {
if ($item =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) {
- unless (grep(/^\Q$item\E$/i,@allemails)) {
+ unless (grep(/^\Q$item\E$/i,@allemails)) {
push(@allemails,$item);
}
}
@@ -639,7 +639,9 @@ sub reset_passwd {
$invalidinfo = "||$env{'form.uname'}|| ||$env{'form.udom'}|| ";
}
} else {
- unless ((lc($env{'form.uname'}) eq lc($data{'username'})) && (lc($env{'form.udom'}) eq lc($data{'domain'}))) {
+ if ((lc($env{'form.uname'}) eq lc($data{'username'})) && (lc($env{'form.udom'}) eq lc($data{'domain'}))) {
+ $env{'form.uname'} = $data{'username'};
+ } else {
$invalidinfo = "||$env{'form.uname'}|| ||$env{'form.udom'}|| ";
}
}
@@ -661,7 +663,53 @@ sub reset_passwd {
}
if ($invalidinfo) {
&Apache::lonnet::logthis("Forgot Password -- token data: ||$data{'username'}|| ||$data{'domain'}|| ||$data{'email'}|| differs from form: $invalidinfo");
- $r->print(&generic_failure_msg($contact_name,$contact_email));
+ my $retry;
+ $r->print(
+ ''
+ .&mt('A problem occurred when attempting to reset'
+ .' the password for your account.').'
');
+ if (($formfields{'username'}) && ($formfields{'email'})) {
+ if ($needscase) {
+ $r->print(''
+ .&mt('Please verify you entered the correct username and e-mail address, '
+ .'including the correct lower and/or upper case letters')
+ .'
');
+ } else {
+ $r->print(''
+ .&mt('Please verify you entered the correct username and e-mail address.')
+ .'
');
+ }
+ $retry = 1;
+ } elsif ($formfields{'username'}) {
+ if ($needscase) {
+ $r->print(''
+ .&mt('Please verify you entered the correct username, '
+ .'including the correct lower and/or upper case letters')
+ .'
');
+ } else {
+ $r->print(''
+ .&mt('Please verify you entered the correct username.')
+ .'
');
+ }
+ $retry = 1;
+ } elsif ($formfields{'email'}) {
+ if ($needscase) {
+ $r->print(''
+ .&mt('Please verify you entered the correct e-mail address, '
+ .'including the correct lower and/or upper case letters')
+ .'
');
+ } else {
+ $r->print(''
+ .&mt('Please verify you entered the correct e-mail address.')
+ .'
');
+ }
+ $retry = 1;
+ }
+ if ($retry) {
+ &Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token,$timelimit,\%formfields);
+ } else {
+ $r->print(&generic_failure_msg($contact_name,$contact_email));
+ }
unless ($formfields{'username'}) {
delete($env{'form.uname'});
delete($env{'form.udom'});
@@ -669,7 +717,7 @@ sub reset_passwd {
return;
}
my $change_failed =
- &Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token);
+ &Apache::lonpreferences::verify_and_change_password($r,'reset_by_email',$token,$timelimit,\%formfields);
if (!$change_failed) {
my $delete = &Apache::lonnet::tmpdel($token);
my $now = &Apache::lonlocal::locallocaltime(time);
@@ -720,7 +768,17 @@ sub reset_passwd {
.''
);
}
- } else {
+ } elsif (($change_failed eq 'prioruse') && ($passwdconf->{'numsaved'})) {
+ my $domdesc =
+ &Apache::lonnet::domain($data{'domain'},'description');
+ $r->print(
+ ''
+ .&mt('Please enter a password that you have not used recently.')
+ .'
'
+ .&display_actions($contact_email,$domdesc,$token)
+ );
+ } elsif (($change_failed eq 'internalerror') || ($change_failed eq 'missingtemp') ||
+ ($change_failed eq 'error')) {
$r->print(&generic_failure_msg($contact_name,$contact_email));
}
unless ($formfields{'username'}) {
@@ -740,7 +798,20 @@ sub reset_passwd {
if ($needscase) {
$r->print(' '.&mt('User data entered must match LON-CAPA account information (including case).'));
}
- $r->print(' ');
+ $r->print('
');
+ }
+ my ($min,$max,$minrule,$maxrule);
+ if ($passwdconf->{min}) {
+ $min = $passwdconf->{min};
+ } else {
+ $min = $Apache::lonnet::passwdmin;
+ }
+ if ($min) {
+ $minrule = &mt('Minimum password length: [_1]',$min);
+ }
+ if ($passwdconf->{max}) {
+ $max = $passwdconf->{max};
+ $maxrule = &mt('Maximum password length: [_1]',$max);
}
if (ref($passwdconf->{chars}) eq 'ARRAY') {
my %rules;
@@ -757,9 +828,24 @@ sub reset_passwd {
$r->print(''.$rulenames{$poss}.'');
}
}
+ if ($min) {
+ $r->print(''.$minrule.'');
+ }
+ if ($max) {
+ $r->print(''.$maxrule.'');
+ }
$r->print('');
} else {
- $r->print(&mt('The new password must contain at least 7 characters.').' ');
+ if ($min && $max) {
+ $r->print(&mt('The new password must satisfy the following:').''."\n".
+ '- '.$minrule.'
'."\n".
+ '- '.$maxrule.'
'."\n".
+ '
'."\n");
+ } elsif ($min) {
+ $r->print($minrule.'
');
+ } elsif ($max) {
+ $r->print($maxrule.'
');
+ }
}
$r->print(&mt('Your new password will be sent to the LON-CAPA server in an encrypted form.').'
');
&Apache::lonpreferences::passwordchanger($r,'','reset_by_email',$token,$timelimit,\%formfields);
@@ -767,7 +853,8 @@ sub reset_passwd {
} else {
$r->print(
''
- .&mt('Sorry, the token generated when you requested a password reset has expired. Please submit a [_1]new request[_2], and follow the link to the web page included in the new e-mail that will be sent to you, to allow you to enter a new password.'
+ .&mt('Sorry, the token generated when you requested a password reset has expired.').'
'
+ .&mt('Please submit a [_1]new request[_2], and follow the link to the web page included in the new e-mail that will be sent to you, to allow you to enter a new password.'
,'','')
.'
'
);
@@ -815,9 +902,13 @@ sub create_passwd {
}
sub display_actions {
- my ($contact_email, $domdesc) = @_;
+ my ($contact_email,$domdesc,$token) = @_;
+ my $url = '/adm/resetpw';
+ if ($token) {
+ $url .= '?token='.&escape($token);
+ }
my @msg = (&mt('[_1]Go back[_2] and try again',
- '',''));
+ '',''));
my $msg2 = '';
if ($contact_email ne '') {
my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"');