#!/usr/bin/perl # MimerDesk # Web based groupware and eLearning environment # www.mimerdesk.org # # Copyright (C) 2001 Ionstream Ltd. # www.ionstream.fi # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the Free # Software Foundation; either version 2 of the License, or (at your option) # any later version. # # This program is distributed with a hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License # for more details. # # You should have received a copy of the GNU General Public License along # with this program; if not, write to the Free Software Foundation, Inc., # 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # $Id: password.html,v 1.4 2002/06/06 14:58:02 inf Exp $ #"""""""""""""""""""""""""""""""""""""""""# # # # MimerDesk: Config - Account # # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # # (c) Ionstream Oy 1999 - 2001 # # # # Programmed by: Teemu Arina # # # #_________________________________________# #"""""""""""""""""""""""""""""""""# # Configuration # #_________________________________# use strict; use vars qw ($APPLICATION $ACTIVEGRP $lite_version $USER $trans $IP $LAST_ACT $FORWARDED $TIME_USED $IDLE $form $ref $sth); use lib::MimerDesk; use CGI::Carp "fatalsToBrowser"; $APPLICATION = 'Config - Account'; sub update; sub print_template; #"""""""""""""""""""""""""""""""# # Program # #_______________________________# # # 1. Get form values # 2. Check input values read_config('../config/mimerdesk.cfg'); initialize(); $form = decode_multipart(); $form->{'ID'} =~ tr/0-9//cd; $form->{'auth'} =~ tr/0-9a-z//cd; ($USER, $IP, $LAST_ACT, $FORWARDED, $TIME_USED, $IDLE, $ACTIVEGRP) = authenticate($form->{'ID'}, $form->{'auth'}, $form->{'changeGroup'}); $trans = lib::MimerDesk->new_gettext(program => 'account',language => $config{'language'}); $APPLICATION = $trans->gettext('Config - Account'); if ($form->{'quit'}) {redirect("$config{'loc_server'}$config{'bin_dir'}/index.html?ID=$form->{'ID'}&auth=$form->{'auth'}&quit=quit");} elsif ($form->{'update'}) {update("$config{'theme'}_password");} elsif ($form->{'go'} eq 'first_time') {print_template('first_logon');} else {print_template("$config{'theme'}_password");} #"""""""""""""""""""""""# # Update users password # #_______________________# # # 1. Check if first time logging in # 2. Check passwords # 3. Get current password # 4. Check password # 5. Change password if passwords matched # 5.1 If first time logging in, redirect to index # 6. Print error if passwords didn't match sub update { my ($pass, $page_to_send, $salasana); $page_to_send = shift; $page_to_send = 'first_logon' if $form->{'first_time'}; if ($form->{"new_password"} ne $form->{"new_password2"}) { print_template($page_to_send, 'error', $trans->gettext("The password and the verification don't match. Please check your spelling."). (tag('br') x 2). $trans->gettext("Note:"). tag('br'). $trans->gettext("Passwords are case-sensitive.")); } elsif ($form->{"new_password"} !~ /(.){$config{'min_pass_length'},}/) { print_template($page_to_send, 'error', $trans->gettext("The password is too short!").tag('br'). sprintf($trans->gettext("Minimum password length is: %d"),tagged('b',{content => $config{'min_pass_length'}}) )); } elsif (($form->{"new_password"} =~ tr/A-Za-z0-9_//c) > 0) { print_template($page_to_send, 'error', $trans->gettext("You have supplied illegal characters. The allowed ones are: A-Z, a-z, 0-9 and _.")); } $form->{'old_password'} = crypt($form->{'old_password'}, 'aa'); lock_tables('READ', 'users'); db_list("SELECT password FROM users where nimi = '$USER'"); while (my $ref = $sth->fetchrow_hashref()) {$salasana = $ref->{'password'};} db_end(); unlock_tables(); if ($form->{'old_password'} eq $salasana) { $pass = crypt($form->{'new_password2'}, 'aa'); lock_tables('WRITE', 'users'); if ($form->{'first_time'}) {db_list("update users set password = '$pass', visitcount = '1' where nimi = '$USER'");} else {&db_list("update users set password = '$pass' where nimi = '$USER'");} db_end(); unlock_tables(); write_log("$USER changed his/her password", 'notify'); if ($form->{'first_time'}) {redirect("$config{'loc_server'}$config{'bin_dir'}/startup.html?ID=$form->{'ID'}&auth=$form->{'auth'}&go=menu");exit;} else { print_template("$config{'theme'}_password", 'success', $trans->gettext("Your password has been changed. Don't forget it!")); } } else { write_log("$USER: Old password didn't match while trying to change password!", 'warning'); print_template($page_to_send, 'error', $trans->gettext("The password and the verification don't match. Please check your spelling."). (tag('br') x 2). $trans->gettext("Note:"). tag('br'). $trans->gettext("Passwords are case-sensitive.")); } } #"""""""""""""""""""""""""""""# # Read template and print it # #_____________________________# # # 1. Check witch template # 2. Get template and print it # 3. Close database and exit sub print_template { my ($ref,$fulltemplate); my ($template,$mode,$text) = @_; print_header('pragma'); if ($template eq "$config{'theme'}_password") { $ref = get_template('maintemplate',$template); $ref->{'maintemplate'} =~ s/<>/$ref->{$template}/m; $fulltemplate = $ref->{'maintemplate'}; $ref = get_template('js_doClock', 'js_help', 'js_password', 'js_gotosite'); my $javascripts = $ref->{'js_doClock'}.$ref->{'js_help'}.$ref->{'js_password'}.$ref->{'js_gotosite'}; $fulltemplate =~ s/<>/$javascripts/m; } else { $ref = get_template($template); $fulltemplate = $ref->{$template}; } $fulltemplate = create_buttons($fulltemplate, 'Config', 'Account', $form); $fulltemplate =~ s/<>/minea/gm; $fulltemplate =~ s/<>/MimerDesk\: $APPLICATION/m; if ($text) {$text .= tag('br').tag('br');} $fulltemplate =~ s/<>/$mode/m; $fulltemplate =~ s/<>/$text/m; $fulltemplate = replace_tags($fulltemplate, $USER, $form->{'auth'}, $form->{'ID'}, $TIME_USED); $fulltemplate = add_popups($fulltemplate, $USER, $form->{'auth'}, $form->{'ID'}); print $fulltemplate; db_end('disconnect'); exit; }