From 4c4d730162918479d4385ead622b47f42b1e04c1 Mon Sep 17 00:00:00 2001 From: JT Smith Date: Sat, 6 Mar 2004 00:34:38 +0000 Subject: [PATCH] a crapload of authentication fixes --- docs/upgrades/upgrade_5.9.9-6.0.0.sql | 25 ++--- lib/WebGUI/Auth.pm | 135 +++++--------------------- lib/WebGUI/Auth/LDAP.pm | 3 +- lib/WebGUI/Auth/SMB.pm | 3 +- lib/WebGUI/Auth/WebGUI.pm | 64 ++++++++++-- 5 files changed, 98 insertions(+), 132 deletions(-) diff --git a/docs/upgrades/upgrade_5.9.9-6.0.0.sql b/docs/upgrades/upgrade_5.9.9-6.0.0.sql index a23eaa02c..5d4ddb786 100644 --- a/docs/upgrades/upgrade_5.9.9-6.0.0.sql +++ b/docs/upgrades/upgrade_5.9.9-6.0.0.sql @@ -257,27 +257,16 @@ insert into international (internationalId,languageId,namespace,message,lastUpda delete from template where namespace='Auth/WebGUI/Login' and templateId=1; -INSERT INTO template (templateId,name,template,namespace) VALUES (1,'Default WebGUI Login Template','\r\n \r\n\r\n\r\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n
\r\n\r\n\r\n
\r\n
    \r\n \r\n
  • \r\n \r\n \r\n
  • \r\n \r\n
\r\n
','Auth/WebGUI/Login'); delete from template where namespace='Auth/WebGUI/Account' and templateId=1; -INSERT INTO template (templateId,name,template,namespace) VALUES (1,'Default WebGUI Account Display Template','\r\n \r\n\r\n\r\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n
\r\n\r\n\r\n
\r\n
    \r\n \r\n
  • \r\n \r\n
\r\n
','Auth/WebGUI/Account'); delete from template where namespace='Auth/WebGUI/Create' and templateId=1; -INSERT INTO template (templateId,name,template,namespace) VALUES (1,'Default WebGUI Anonymous Registration Template','\r\n \r\n\r\n\r\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n\r\n \r\n \r\n\r\n
\r\n\r\n\r\n\r\n
\r\n
    \r\n
  • \r\n \r\n
  • \r\n \r\n
\r\n
','Auth/WebGUI/Create'); delete from template where namespace='Auth/WebGUI/Recovery' and templateId=1; -INSERT INTO template (templateId,name,template,namespace) VALUES (1,'Default WebGUI Password Recovery Template','\r\n \r\n\r\n\r\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n
\r\n\r\n\r\n\r\n
\r\n
    \r\n \r\n
  • \r\n \r\n
  • \r\n
\r\n
','Auth/WebGUI/Recovery'); delete from template where namespace='Auth/WebGUI/Expired' and templateId=1; -INSERT INTO template (templateId,name,template,namespace) VALUES (1,'Default WebGUI Password Reset Template','\r\n \r\n\r\n\r\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n
\r\n \r\n \r\n \r\n
\r\n \r\n \r\n \r\n
\r\n \r\n \r\n \r\n
\r\n \r\n
\r\n','Auth/WebGUI/Expired'); delete from template where namespace='Auth/LDAP/Login' and templateId=1; -INSERT INTO template (templateId,name,template,namespace) VALUES (1,'Default LDAP Login Template','\r\n \r\n\r\n\r\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n
\r\n\r\n\r\n
\r\n
    \r\n \r\n
  • \r\n \r\n \r\n
  • \r\n \r\n
\r\n
','Auth/LDAP/Login'); delete from template where namespace='Auth/LDAP/Account' and templateId=1; -INSERT INTO template (templateId,name,template,namespace) VALUES (1,'Default LDAP Account Display Template','\r\n \r\n\r\n\r\n\r\n\r\n

\r\n\r\n\r\n \r\n \r\n\r\n
\r\n \r\n \r\n \r\n
\r\n\r\n\r\n
\r\n
    \r\n \r\n
  • \r\n \r\n
\r\n
','Auth/LDAP/Account'); delete from template where namespace='Auth/LDAP/Create' and templateId=1; -INSERT INTO template (templateId,name,template,namespace) VALUES (1,'Default LDAP Anonymous Registration Template','\r\n \r\n\r\n\r\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n\r\n \r\n \r\n\r\n
\r\n\r\n\r\n\r\n
\r\n
    \r\n
  • \r\n \r\n
  • \r\n \r\n
\r\n
','Auth/LDAP/Create'); delete from template where namespace='Auth/SMB/Login' and templateId=1; -INSERT INTO template (templateId,name,template,namespace) VALUES (1,'Default SMB Login Template','\r\n \r\n\r\n\r\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n
\r\n\r\n\r\n
\r\n
    \r\n \r\n
  • \r\n \r\n \r\n
  • \r\n \r\n
\r\n
','Auth/SMB/Login'); delete from template where namespace='Auth/SMB/Account' and templateId=1; -INSERT INTO template (templateId,name,template,namespace) VALUES (1,'Default SMB Account Display Template','\r\n \r\n\r\n\r\n\r\n\r\n

\r\n\r\n\r\n \r\n \r\n\r\n
\r\n \r\n \r\n \r\n
\r\n\r\n
\r\n
    \r\n \r\n
  • \r\n \r\n
\r\n
','Auth/SMB/Account'); delete from template where namespace='Auth/SMB/Create' and templateId=1; -INSERT INTO template (templateId,name,template,namespace) VALUES (1,'Default SMB Anonymous Registration Template','\r\n \r\n\r\n\r\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n\r\n \r\n \r\n\r\n
\r\n\r\n\r\n\r\n
\r\n
    \r\n
  • \r\n \r\n
  • \r\n \r\n
\r\n
','Auth/SMB/Create'); delete from template where namespace='Operation/MessageLog/View' and templateId=1; INSERT INTO template (templateId,name,template,namespace) VALUES (1,'Default Messsage Log Display Template','

\r\n\r\n\r\n\r\n \r\n \r\n \r\n\r\n\r\n \r\n \r\n \r\n \r\n \r\n\r\n \r\n \r\n \r\n \r\n \r\n \r\n \r\n\r\n
\r\n \r\n \r\n \r\n \r\n \r\n
\r\n \r\n \r\n  \r\n \r\n  \r\n
\r\n \r\n \r\n \r\n \r\n \r\n
\r\n\r\n
\r\n · · \r\n
\r\n\r\n
\r\n
    \r\n \r\n
  • \r\n \r\n
\r\n
','Operation/MessageLog/View'); delete from template where namespace='Operation/MessageLog/Message' and templateId=1; @@ -682,4 +671,18 @@ INSERT INTO help VALUES (81,'WebGUI',1089,1090,'58,WebGUI;79,WebGUI;80,WebGUI;50 INSERT INTO template VALUES (8,'Synopsis','
\r\n\r\n
\r\n \">\r\n
\r\n \r\n
\r\n \r\n
\r\n \r\n
\r\n \r\n
\r\n \r\n\r\n
','Navigation'); INSERT INTO Navigation VALUES (18,'Synopsis',99,'self_and_descendants','current',-1,8,0,0,0,0); alter table forum add column groupToView int not null default 7; +INSERT INTO template VALUES (1,'Default WebGUI Login Template','

\n \n

\n\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n
\r\n\r\n\r\n
\r\n \r\n
','Auth/WebGUI/Login',1,1); +INSERT INTO template VALUES (1,'Default WebGUI Account Display Template','

\n \n

\n\n\n\r\n \r\n\r\n\r\n\r\n\r\n\n\r\n\r\n \r\n \r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n
\r\n\r\n\r\n
\r\n
    \r\n \r\n
  • \r\n \r\n
\r\n
','Auth/WebGUI/Account',1,1); +INSERT INTO template VALUES (1,'Default WebGUI Anonymous Registration Template','

\r\n\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n\r\n \r\n \r\n\r\n
\r\n\r\n\r\n
\r\n \r\n
','Auth/WebGUI/Create',1,1); +INSERT INTO template VALUES (1,'Default WebGUI Password Recovery Template','

\n \n

\n\r\n\r\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n
\r\n\r\n\r\n\r\n
\r\n \r\n
','Auth/WebGUI/Recovery',1,1); +INSERT INTO template VALUES (1,'Default WebGUI Password Reset Template','

\n \n

\n\r\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n
\r\n \r\n \r\n \r\n
\r\n \r\n \r\n \r\n
\r\n \r\n \r\n \r\n
\r\n \r\n
\r\n','Auth/WebGUI/Expired',1,1); +INSERT INTO template VALUES (1,'Default LDAP Login Template','

\n \n

\r\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n
\r\n\r\n\r\n
\r\n
    \r\n \n
  • \">
    • \n     \n\n
\r\n
','Auth/LDAP/Login',1,1); +INSERT INTO template VALUES (1,'Default LDAP Account Display Template','

\n \n

\n\n\r\n\r\n\r\n

\r\n\r\n\r\n \r\n \r\n\r\n
\r\n \r\n \r\n \r\n
\r\n\r\n\r\n
\r\n
    \r\n \r\n
  • \r\n \r\n
\r\n
','Auth/LDAP/Account',1,1); +INSERT INTO template VALUES (1,'Default LDAP Anonymous Registration Template','

\n \r\n

\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n\r\n \r\n \r\n\r\n
\r\n\r\n\r\n\r\n
\r\n \r\n
','Auth/LDAP/Create',1,1); +INSERT INTO template VALUES (1,'Default SMB Login Template','

\n \n

\n\n\r\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n
\r\n\r\n\r\n
\r\n
    \n \n
  • \">
    • \n     \n
\r\n
','Auth/SMB/Login',1,1); +INSERT INTO template VALUES (1,'Default SMB Account Display Template','

\n \n

\n\n\r\n\r\n\r\n

\r\n\r\n\r\n \r\n \r\n\r\n
\r\n \r\n \r\n \r\n
\r\n\r\n
\r\n
    \r\n \r\n
  • \r\n \r\n
\r\n
','Auth/SMB/Account',1,1); +INSERT INTO template VALUES (1,'Default SMB Anonymous Registration Template','

\n \r\n

\n\r\n \r\n\r\n\r\n\r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n \r\n \r\n\r\n\r\n\r\n \r\n \r\n\r\n\r\n\r\n \r\n \r\n\r\n
\r\n\r\n\r\n\r\n
\r\n \r\n
','Auth/SMB/Create',1,1); +INSERT INTO template VALUES (1,'Default WebGUI Yes/No Prompt','

\n\n

\n\n

\n\n
\n\n\">\n\n          \n\n\">\n\n
\n','prompt',1,1); + + diff --git a/lib/WebGUI/Auth.pm b/lib/WebGUI/Auth.pm index 79dca2869..eff34b7ed 100644 --- a/lib/WebGUI/Auth.pm +++ b/lib/WebGUI/Auth.pm @@ -70,35 +70,6 @@ sub _isDuplicateUsername { #------------------------------------------------------------------- -=head2 _isValidPassword ( ) - - Validates the password. - -=cut - -sub _isValidPassword { - my $self = shift; - my $password = shift; - my $confirm = shift; - my $error = ""; - - if ($password ne $confirm) { - $error .= '
  • '.WebGUI::International::get(3,'Auth/WebGUI'); - } - if ($password eq "") { - $error .= '
  • '.WebGUI::International::get(4,'Auth/WebGUI'); - } - - if ($self->getSetting("passwordLength") && length($password) < $self->getSetting("passwordLength")){ - $error .= '
  • '.WebGUI::International::get(7,'Auth/WebGUI')." ".$self->getSetting("passwordLength"); - } - - $self->error($error); - return $error eq ""; -} - -#------------------------------------------------------------------- - =head2 _isValidUsername ( username ) Validates the username passed in. @@ -232,11 +203,11 @@ sub createAccount { my $method = $_[0]; my $vars = $_[1]; my $template = $_[2] || 'Auth/'.$self->authMethod.'/Create'; - $vars->{displayTitle} = '

    '.WebGUI::International::get(54).'

    '; + $vars->{title} = WebGUI::International::get(54); - $vars->{'create.form.header'} = "\n\n".WebGUI::Form::formHeader({}); - $vars->{'create.form.hidden'} .= WebGUI::Form::hidden({"name"=>"op","value"=>"auth"}); - $vars->{'create.form.hidden'} .= WebGUI::Form::hidden({"name"=>"method","value"=>$method}); + $vars->{'create.form.header'} = WebGUI::Form::formHeader({}); + $vars->{'create.form.header'} .= WebGUI::Form::hidden({"name"=>"op","value"=>"auth"}); + $vars->{'create.form.header'} .= WebGUI::Form::hidden({"name"=>"method","value"=>$method}); #User Defined Options $vars->{'create.form.profile'} = WebGUI::Operation::Profile::getRequiredProfileFields(); @@ -244,11 +215,9 @@ sub createAccount { $vars->{'create.form.submit'} = WebGUI::Form::submit({}); $vars->{'create.form.footer'} = ""; - $vars->{'create.options.accountExists'} = ''.WebGUI::International::get(58).''; + $vars->{'login.url'} = WebGUI::URL::page('op=auth&method=init'); + $vars->{'login.label'} = WebGUI::International::get(58); - if ($self->getSetting("passwordRecovery")) { - $vars->{'create.options.passwordRecovery'} = ''.WebGUI::International::get(59).''; - } return WebGUI::Template::process(WebGUI::Template::get(1,$template), $vars); } @@ -328,14 +297,16 @@ sub createAccountSave { sub deactivateAccount { my $self = shift; my $method = $_[0]; - my ($output); return WebGUI::Privilege::vitalComponent() if($self->userId < 26); return WebGUI::Privilege::adminOnly() if(!$session{setting}{selfDeactivation}); - $output = '

    '.WebGUI::International::get(42).'

    '; - $output .= WebGUI::International::get(60).'

    '; - $output .= '

    '; - return $output; + my %var; + $var{title} = WebGUI::International::get(42); + $var{question} = WebGUI::International::get(60); + $var{'yes.url'} = WebGUI::URL::page('op=auth&method='.$method); + $var{'yes.label'} = WebGUI::International::get(44); + $var{'no.url'} = WebGUI::URL::page(); + $var{'no.label'} = WebGUI::International::get(45); + return WebGUI::Template::process(WebGUI::Template::get(1,"prompt"), \%var); } #------------------------------------------------------------------- @@ -395,11 +366,11 @@ sub displayAccount { my $vars = $_[1]; my $template = $_[2] || 'Auth/'.$self->authMethod.'/Account'; - $vars->{displayTitle} = '

    '.WebGUI::International::get(61).'

    '; + $vars->{title} = WebGUI::International::get(61); - $vars->{'account.form.header'} = "\n\n".WebGUI::Form::formHeader({}); - $vars->{'account.form.hidden'} = WebGUI::Form::hidden({"name"=>"op","value"=>"auth"}); - $vars->{'account.form.hidden'} .= WebGUI::Form::hidden({"name"=>"method","value"=>$method}); + $vars->{'account.form.header'} = WebGUI::Form::formHeader({}); + $vars->{'account.form.header'} = WebGUI::Form::hidden({"name"=>"op","value"=>"auth"}); + $vars->{'account.form.header'} .= WebGUI::Form::hidden({"name"=>"method","value"=>$method}); if($session{setting}{useKarma}){ $vars->{'account.form.karma'} = $session{user}{karma}; $vars->{'account.form.karma.label'} = WebGUI::International::get(537); @@ -445,8 +416,8 @@ sub displayLogin { WebGUI::Session::setScratch("redirectAfterLogin",$session{env}{REQUEST_URI}); } - $vars->{displayTitle} = '

    '.WebGUI::International::get(66).'

    '; - $vars->{'login.form.header'} = "\n\n".WebGUI::Form::formHeader({}); + $vars->{title} = WebGUI::International::get(66); + $vars->{'login.form.header'} = WebGUI::Form::formHeader({}); if ($session{setting}{encryptLogin}) { $vars->{'login.form.header'} =~ s/http:/https:/; } @@ -459,12 +430,9 @@ sub displayLogin { $vars->{'login.form.submit'} = WebGUI::Form::submit({"value"=>WebGUI::International::get(52)}); $vars->{'login.form.footer'} = ""; - if ($session{setting}{anonymousRegistration}) { - $vars->{'login.options.anonymousRegistration'} = ''.WebGUI::International::get(67).''; - } - if ($self->getSetting("passwordRecovery")) { - $vars->{'login.options.passwordRecovery'} = ''.WebGUI::International::get(59).''; - } + $vars->{'anonymousRegistration.isAllowed'} = ($session{setting}{anonymousRegistration}); + $vars->{'createAccount.url'} = WebGUI::URL::page('op=createAccount'); + $vars->{'createAccount.label'} = WebGUI::International::get(67); return WebGUI::Template::process(WebGUI::Template::get(1,$template), $vars); } @@ -669,51 +637,6 @@ sub profile { } -#------------------------------------------------------------------- -=head2 recoverPassword ( method [,vars,template] ) - - Superclass method that performs general functionality for creating new accounts. - -=over - -=item method - - Auth method that the form for recovering passwords should call - -=item vars - - Array ref of template vars from subclass - -=item template - - Template that this class should use for display purposes - -=back - -=cut - -sub recoverPassword { - my $self = shift; - my $method = $_[0]; - my $vars = $_[1]; - my $template = $_[2] || 'Auth/'.$self->authMethod.'/Recovery'; - - $vars->{displayTitle} = '

    '.WebGUI::International::get(71).'

    '; - - my $output = '

    '.WebGUI::International::get(71).'

    '; - $vars->{'recover.form.header'} = "\n\n".WebGUI::Form::formHeader({}); - $vars->{'recover.form.hidden'} = WebGUI::Form::hidden({"name"=>"op","value"=>"auth"}); - $vars->{'recover.form.hidden'} .= WebGUI::Form::hidden({"name"=>"method","value"=>$method}); - - $vars->{'recover.form.submit'} = WebGUI::Form::submit({}); - $vars->{'recover.form.footer'} = ""; - - $vars->{'recover.options.accountExists'} = ''.WebGUI::International::get(73).''; - if ($session{setting}{anonymousRegistration}) { - $vars->{'recover.options.anonymousRegistration'} = ''.WebGUI::International::get(67).''; - } - return WebGUI::Template::process(WebGUI::Template::get(1,$template), $vars); -} #------------------------------------------------------------------- =head2 setCallable ( callableMethods ) @@ -814,17 +737,15 @@ sub username { #------------------------------------------------------------------- -=head2 validUsernameAndPassword ( username,password,passwordConfirm ) +=head2 validUsername ( username ) - Validates the a username and password. + Validates the a username. =cut -sub validUsernameAndPassword { +sub validUsername { my $self = shift; my $username = $_[0]; - my $password = $_[1]; - my $passwordConfirm = $_[2]; my $error = ""; if($self->_isDuplicateUsername($username)){ @@ -835,10 +756,6 @@ sub validUsernameAndPassword { $error .= $self->error; } - if(!$self->_isValidPassword($password,$passwordConfirm)){ - $error .= $self->error; - } - $self->error($error); return $error eq ""; } diff --git a/lib/WebGUI/Auth/LDAP.pm b/lib/WebGUI/Auth/LDAP.pm index 2eb6b37b2..ab957934e 100644 --- a/lib/WebGUI/Auth/LDAP.pm +++ b/lib/WebGUI/Auth/LDAP.pm @@ -217,8 +217,7 @@ sub createAccountSave { #Check that username is valid and not a duplicate in the system. - $error .= $self->error if($self->_isDuplicateUsername($username)); - $error .= $self->error if(!$self->_isValidUsername($username)); + $error .= $self->error if($self->validUsername($username)); #Validate profile data. my ($profile, $temp, $warning) = WebGUI::Operation::Profile::validateProfileData(); $error .= $temp; diff --git a/lib/WebGUI/Auth/SMB.pm b/lib/WebGUI/Auth/SMB.pm index 0e8c55b2b..a44275f45 100644 --- a/lib/WebGUI/Auth/SMB.pm +++ b/lib/WebGUI/Auth/SMB.pm @@ -124,8 +124,7 @@ sub createAccountSave { } #Check that username is valid and not a duplicate in the system. - $error .= $self->error if($self->_isDuplicateUsername($username)); - $error .= $self->error if(!$self->_isValidUsername($username)); + $error .= $self->error if($self->validUsername($username)); #Validate profile data. my ($profile, $temp, $warning) = WebGUI::Operation::Profile::validateProfileData(); $error .= $temp; diff --git a/lib/WebGUI/Auth/WebGUI.pm b/lib/WebGUI/Auth/WebGUI.pm index 23ddcbabd..e2f73084a 100644 --- a/lib/WebGUI/Auth/WebGUI.pm +++ b/lib/WebGUI/Auth/WebGUI.pm @@ -23,6 +23,35 @@ use WebGUI::Utility; our @ISA = qw(WebGUI::Auth); +#------------------------------------------------------------------- + +=head2 _isValidPassword ( ) + + Validates the password. + +=cut + +sub _isValidPassword { + my $self = shift; + my $password = shift; + my $confirm = shift; + my $error = ""; + + if ($password ne $confirm) { + $error .= '
  • '.WebGUI::International::get(3,'Auth/WebGUI'); + } + if ($password eq "") { + $error .= '
  • '.WebGUI::International::get(4,'Auth/WebGUI'); + } + + if ($self->getSetting("passwordLength") && length($password) < $self->getSetting("passwordLength")){ + $error .= '
  • '.WebGUI::International::get(7,'Auth/WebGUI')." ".$self->getSetting("passwordLength"); + } + + $self->error($error); + return $error eq ""; +} + #------------------------------------------------------------------- =head2 addUserForm ( ) @@ -131,6 +160,9 @@ sub createAccount { $vars->{'create.form.passwordConfirm'} = WebGUI::Form::password({"name"=>"authWebGUI.identifierConfirm","value"=>$session{form}{"authWebGUI.identifierConfirm"}}); $vars->{'create.form.passwordConfirm.label'} = WebGUI::International::get(2,'Auth/WebGUI'); $vars->{'create.form.hidden'} = WebGUI::Form::hidden({"name"=>"confirm","value"=>$session{form}{confirm}}); + $vars->{'recoverPassword.isAllowed'} = $self->getSetting("passwordRecovery"); + $vars->{'recoverPassword.url'} = WebGUI::URL::page('op=recoverPassword'); + $vars->{'recoverPassword.label'} = WebGUI::International::get(59); return $self->SUPER::createAccount("createAccountSave",$vars); } @@ -144,7 +176,8 @@ sub createAccountSave { my $password = $session{form}{'authWebGUI.identifier'}; my $passConfirm = $session{form}{'authWebGUI.identifierConfirm'}; - my $error = $self->error if(!$self->validUsernameAndPassword($username,$password,$passConfirm)); + my $error = $self->error if(!$self->validUsername($username)); + $error.= $self->error if(!$self->_isValidPassword($password,$passConfirm)); my ($profile, $temp, $warning) = WebGUI::Operation::Profile::validateProfileData(); $error .= $temp; @@ -215,6 +248,11 @@ sub displayLogin { my $vars; return $self->displayAccount($_[0]) if ($self->userId != 1); $vars->{'login.message'} = $_[0] if ($_[0]); + $vars->{'recoverPassword.isAllowed'} = $self->getSetting("passwordRecovery"); + $vars->{'recoverPassword.url'} = WebGUI::URL::page('op=recoverPassword'); + $vars->{'recoverPassword.label'} = WebGUI::International::get(59); + + return $self->SUPER::displayLogin("login",$vars); } @@ -342,14 +380,28 @@ sub new { #------------------------------------------------------------------- -sub recoverPassword { +sub recoverPassword { my $self = shift; - my $vars; return $self->displayLogin if($self->userId != 1); + my $template = 'Auth/WebGUI/Recovery'; + my $vars; + $vars->{title} = WebGUI::International::get(71); + $vars->{'recover.form.header'} = "\n\n".WebGUI::Form::formHeader({}); + $vars->{'recover.form.hidden'} = WebGUI::Form::hidden({"name"=>"op","value"=>"auth"}); + $vars->{'recover.form.hidden'} .= WebGUI::Form::hidden({"name"=>"method","value"=>"recoverPasswordFinish"}); + + $vars->{'recover.form.submit'} = WebGUI::Form::submit({}); + $vars->{'recover.form.footer'} = ""; + $vars->{'login.url'} = WebGUI::URL::page('op=auth&method=init'); + $vars->{'login.label'} = WebGUI::International::get(58); + + $vars->{'anonymousRegistration.isAllowed'} = if ($session{setting}{anonymousRegistration}); + $vars->{'createAccount.url'} = WebGUI::URL::page('op=createAccount'); + $vars->{'createAccount.label'} = WebGUI::International::get(67); $vars->{'recover.message'} = $_[0] if ($_[0]); $vars->{'recover.form.email'} = WebGUI::Form::text({"name"=>"email"}); $vars->{'recover.form.email.label'} = WebGUI::International::get(56); - return $self->SUPER::recoverPassword("recoverPasswordFinish",$vars); + return WebGUI::Template::process(WebGUI::Template::get(1,$template), $vars); } #------------------------------------------------------------------- @@ -480,10 +532,6 @@ sub updateAccount { $display = $error; } - #if(!$self->validUsernameAndPassword($username,$password,$passConfirm)){ - # $display = $self->error; #overwrite display - #} - my $properties; my $u = $self->user; if(!$error){