###################################################################### # # EPrints Set Password # ###################################################################### # # This file is part of GNU EPrints 2. # # Copyright (c) 2000-2004 University of Southampton, UK. SO17 1BJ. # # EPrints 2 is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # EPrints 2 is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with EPrints 2; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # ###################################################################### use EPrints; use strict; my $session = new EPrints::Session; exit( 0 ) unless( defined $session ); my( $page, $title ) = make_page( $session ); # $page->appendChild( $session->html_phrase( "general:frontpage_link" ) ); $session->build_page( $title, $page, "reset_password" ); $session->send_page(); $session->terminate(); sub make_page { my( $session ) = @_; my $page = $session->make_element( "div", class => "ep_block"); my $table = $session->make_element( "table" ); my $tr = $session->make_element( "tr" ); my $td = $session->make_element( "td" ); $page->appendChild( $table ); $table->appendChild( $tr ); $tr->appendChild( $td ); my $title = $session->html_phrase( "cgi/set_password:password_changeonlytitle" ); my $reset_ok = $session->get_repository->get_conf("allow_reset_password"); if( !$reset_ok ) { $td->appendChild( $session->html_phrase( "cgi/set_password:disabled" ) ); $td->appendChild( $session->html_phrase( "general:frontpage_link" ) ); return( $page, $title ); } my $user_ds = $session->get_repository->get_dataset( "user" ); my $f_email = $user_ds->get_field( "email" )->clone(); $f_email->set_property( "confid" , "setpass" ); my $f_newpass = $user_ds->get_field( "newpassword" )->clone(); $f_newpass->set_property( "confid" , "setpass" ); if( ! $session->have_parameters() ) { $td->appendChild( $session->html_phrase( "cgi/set_password:pchange" ) ); my $fields = [ $f_email, $f_newpass ]; $td->appendChild( $session->render_input_form( fields=>$fields, values=>{ lang => $session->get_langid() }, show_help=>1, default_action=>"submit", buttons=>{ submit=>$session->phrase( "cgi/set_password:action_submit" ) }, dest=>"reset_password" ) ); return( $page, $title ); } # Process the form. my $email = $f_email->form_value( $session ); my $lang = $session->get_langid(); my $newpassword = $f_newpass->form_value( $session ); my $user = EPrints::DataObj::User::user_with_email( $session, $email ); if( ! EPrints::Utils::is_set( $email ) ) { $page->appendChild( $session->html_phrase( "cgi/set_password:no_email" ) ); return( $page, $session->html_phrase( "cgi/set_password:error_title" ) ); } if( !defined $user ) { $page->appendChild( $session->html_phrase( "cgi/set_password:no_such_user", email=>$session->make_text( $email ) ) ); return( $page, $session->html_phrase( "cgi/set_password:error_title" ) ); } if( !$user->allow( "set-password" ) ) { $page->appendChild( $session->html_phrase( "cgi/set_password:no_priv", email=>$session->make_text( $email ) ) ); return( $page, $session->html_phrase( "cgi/set_password:error_title" ) ); } if( !defined $newpassword || $newpassword eq "" ) { $page->appendChild( $session->html_phrase( "cgi/set_password:no_password" ) ); return( $page, $session->html_phrase( "cgi/set_password:error_title" ) ); } $user->set_value( "newpassword", $newpassword ); my $pin = sprintf( "%04X%04X%04X%04X",int rand 0xffff,int rand 0xffff,int rand 0xffff,int rand 0xffff ); $user->set_value( "newemail", undef ); $user->set_value( "pin", $pin ); $user->set_value( "pinsettime", time() ); $user->commit(); my $maxdelta = EPrints::Time::human_delay( $session->get_repository->get_conf( "pin_timeout" ) ); my $rc = $user->mail( "cgi/set_password:account", $session->html_phrase( "mail_password_pin", confirmurl => $session->render_link( $session->get_repository->get_conf( "perl_url" )."/confirm?userid=".$user->get_value( "userid" )."&pin=".$pin ), username => $user->render_value( "username" ), maxdelta => $session->make_text( $maxdelta ) ) ); # did email send OK? if( !$rc ) { $page->appendChild( $session->html_phrase( "general:email_failed" ) ); return( $page, $session->html_phrase( "cgi/set_password:error_title" ) ); } $page->appendChild( $session->html_phrase( "cgi/set_password:mail_sent", email=>$session->make_text( $email ), maxdelta => $session->make_text( $maxdelta ) ) ); return( $page, $title ); }