nigel.stanger / Digital_Repository
Transfer to URL with SHA Find file
Newer
Older
Digital_Repository / OARiNZ / DIY / deb_package / eprints-3.0 / cgi / reset_password
nstanger on 7 Jun 2007 5 KB - Added debian package source.
Raw Blame History 
######################################################################
#
#  EPrints Set Password 
#
######################################################################
#
#  This file is part of GNU EPrints 2.
#  
#  Copyright (c) 2000-2004 University of Southampton, UK. SO17 1BJ.
#  
#  EPrints 2 is free software; you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation; either version 2 of the License, or
#  (at your option) any later version.
#  
#  EPrints 2 is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#  
#  You should have received a copy of the GNU General Public License
#  along with EPrints 2; if not, write to the Free Software
#  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
######################################################################

use EPrints;
use strict;

my $session = new EPrints::Session;
exit( 0 ) unless( defined $session );

my( $page, $title ) = make_page( $session );

# $page->appendChild( $session->html_phrase( "general:frontpage_link" ) );

$session->build_page( $title, $page, "reset_password" );
$session->send_page();

$session->terminate();

sub make_page
{
	my( $session ) = @_;

	my $page = $session->make_element( "div", class => "ep_block");
	my $table = $session->make_element( "table" );
	my $tr = $session->make_element( "tr" );
	my $td = $session->make_element( "td" );
	$page->appendChild( $table );
	$table->appendChild( $tr );
	$tr->appendChild( $td );

	my $title = $session->html_phrase( "cgi/set_password:password_changeonlytitle" );

	my $reset_ok =  $session->get_repository->get_conf("allow_reset_password");
	if( !$reset_ok )
	{
		$td->appendChild( $session->html_phrase( "cgi/set_password:disabled" ) );
		$td->appendChild( $session->html_phrase( "general:frontpage_link" ) );
		return( $page, $title );
	}

	my $user_ds = $session->get_repository->get_dataset( "user" );

	my $f_email = $user_ds->get_field( "email" )->clone();
	$f_email->set_property( "confid" , "setpass" );

	my $f_newpass = $user_ds->get_field( "newpassword" )->clone();
	$f_newpass->set_property( "confid" , "setpass" );

	if( ! $session->have_parameters() )
	{
		$td->appendChild( $session->html_phrase( "cgi/set_password:pchange" ) );

		my $fields = [ $f_email, $f_newpass ];

		$td->appendChild( $session->render_input_form(
			fields=>$fields,
			values=>{
				lang => $session->get_langid()
			},
			show_help=>1,
			default_action=>"submit",
			buttons=>{
				submit=>$session->phrase( "cgi/set_password:action_submit" )
			},
			dest=>"reset_password" ) );

		return( $page, $title );
	}

	# Process the form.
	my $email = $f_email->form_value( $session );
	my $lang = $session->get_langid();
	my $newpassword = $f_newpass->form_value( $session );

	my $user = EPrints::DataObj::User::user_with_email( $session, $email );

	if( ! EPrints::Utils::is_set( $email ) )
	{
		$page->appendChild( $session->html_phrase( 
			"cgi/set_password:no_email" ) );
		return( 
			$page, 
			$session->html_phrase( 
				"cgi/set_password:error_title" ) );
	}

	if( !defined $user )
	{
		$page->appendChild( $session->html_phrase( 
			"cgi/set_password:no_such_user",
			email=>$session->make_text( $email ) ) );
		return( 
			$page, 
			$session->html_phrase( 
				"cgi/set_password:error_title" ) );
	}

	if( !$user->allow( "set-password" ) )
	{
		$page->appendChild( $session->html_phrase( 
			"cgi/set_password:no_priv",
			email=>$session->make_text( $email ) ) );
		return( 
			$page, 
			$session->html_phrase( 
				"cgi/set_password:error_title" ) );
	}

	if( !defined $newpassword || $newpassword eq "" )
	{
		$page->appendChild( $session->html_phrase( 
			"cgi/set_password:no_password" ) );
		return( 
			$page, 
			$session->html_phrase( 
				"cgi/set_password:error_title" ) );
	}

	$user->set_value( "newpassword", $newpassword );
	my $pin = sprintf( "%04X%04X%04X%04X",int rand 0xffff,int rand 0xffff,int rand 0xffff,int rand 0xffff );
	$user->set_value( "newemail", undef );
	$user->set_value( "pin", $pin );
	$user->set_value( "pinsettime", time() );
	$user->commit();
	
	my $maxdelta = EPrints::Time::human_delay(
		$session->get_repository->get_conf( "pin_timeout" ) );
	
	my $rc = $user->mail( 
		"cgi/set_password:account",
		$session->html_phrase( 
			"mail_password_pin", 
			confirmurl => $session->render_link( $session->get_repository->get_conf( "perl_url" )."/confirm?userid=".$user->get_value( "userid" )."&pin=".$pin ),
			username => $user->render_value( "username" ),
			maxdelta => $session->make_text( $maxdelta ) ) );

	# did email send OK?
	if( !$rc )
	{
		$page->appendChild( $session->html_phrase( 
			"general:email_failed" ) );
		return( 
			$page, 
			$session->html_phrase( 
				"cgi/set_password:error_title" ) );
	}


	$page->appendChild( $session->html_phrase( 
		"cgi/set_password:mail_sent",
		email=>$session->make_text( $email ),
		maxdelta => $session->make_text( $maxdelta ) ) );
	return( $page, $title );
}