Merge remote-tracking branch 'origin/new/bug_7458'
[koha.git] / members / member-password.pl
1 #!/usr/bin/perl
2 #script to set the password, and optionally a userid, for a borrower
3 #written 2/5/00
4 #by chris@katipo.co.nz
5 #converted to using templates 3/16/03 by mwhansen@hmc.edu
6
7 use strict;
8 use warnings;
9
10 use C4::Auth;
11 use C4::Output;
12 use C4::Context;
13 use C4::Members;
14 use C4::Branch;
15 use C4::Circulation;
16 use CGI;
17 use C4::Members::Attributes qw(GetBorrowerAttributes);
18
19 use Digest::MD5 qw(md5_base64);
20
21 my $input = new CGI;
22
23 my $theme = $input->param('theme') || "default";
24                         # only used if allowthemeoverride is set
25
26 my ($template, $loggedinuser, $cookie, $staffflags)
27     = get_template_and_user({template_name => "members/member-password.tmpl",
28                              query => $input,
29                              type => "intranet",
30                              authnotrequired => 0,
31                              flagsrequired => {borrowers => 1},
32                              debug => 1,
33                              });
34
35 my $flagsrequired;
36 $flagsrequired->{borrowers}=1;
37
38 #my ($loggedinuser, $cookie, $sessionID) = checkauth($input, 0, $flagsrequired);
39
40 my $member=$input->param('member');
41 my $cardnumber = $input->param('cardnumber');
42 my $destination = $input->param('destination');
43 my @errors;
44 my ($bor)=GetMember('borrowernumber' => $member);
45 if(( $member ne $loggedinuser ) && ($bor->{'category_type'} eq 'S' ) ) {
46         push(@errors,'NOPERMISSION') unless($staffflags->{'superlibrarian'} || $staffflags->{'staffaccess'} );
47         # need superlibrarian for koha-conf.xml fakeuser.
48 }
49 my $newpassword = $input->param('newpassword');
50 my $newpassword2 = $input->param('newpassword2');
51
52 push(@errors,'NOMATCH') if ( ( $newpassword && $newpassword2 ) && ($newpassword ne $newpassword2) );
53
54 my $minpw = C4::Context->preference('minPasswordLength');
55 push(@errors,'SHORTPASSWORD') if( $newpassword && $minpw && (length($newpassword) < $minpw ) );
56
57 if ( $newpassword  && !scalar(@errors) ) {
58     my $digest=md5_base64($input->param('newpassword'));
59     my $uid = $input->param('newuserid');
60     my $dbh=C4::Context->dbh;
61     if (changepassword($uid,$member,$digest)) {
62                 $template->param(newpassword => $newpassword);
63                 if ($destination eq 'circ') {
64                     print $input->redirect("/cgi-bin/koha/circ/circulation.pl?findborrower=$cardnumber");               
65                 } else {
66                     print $input->redirect("/cgi-bin/koha/members/moremember.pl?borrowernumber=$member");
67                 }
68     } else {
69                         push(@errors,'BADUSERID');
70     }
71 } else {
72     my $userid = $bor->{'userid'};
73
74     my $chars='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
75     my $length=int(rand(2))+C4::Context->preference("minPasswordLength");
76     my $defaultnewpassword='';
77     for (my $i=0; $i<$length; $i++) {
78         $defaultnewpassword.=substr($chars, int(rand(length($chars))),1);
79     }
80
81         $template->param( defaultnewpassword => $defaultnewpassword );
82 }
83     if ( $bor->{'category_type'} eq 'C') {
84         my  ( $catcodes, $labels ) =  GetborCatFromCatType( 'A', 'WHERE category_type = ?' );
85         my $cnt = scalar(@$catcodes);
86         $template->param( 'CATCODE_MULTI' => 1) if $cnt > 1;
87         $template->param( 'catcode' =>    $catcodes->[0])  if $cnt == 1;
88     }
89         
90 $template->param( adultborrower => 1 ) if ( $bor->{'category_type'} eq 'A' );
91 my ($picture, $dberror) = GetPatronImage($bor->{'cardnumber'});
92 $template->param( picture => 1 ) if $picture;
93
94 if (C4::Context->preference('ExtendedPatronAttributes')) {
95     my $attributes = GetBorrowerAttributes($bor->{'borrowernumber'});
96     $template->param(
97         ExtendedPatronAttributes => 1,
98         extendedattributes => $attributes
99     );
100 }
101
102     $template->param( othernames => $bor->{'othernames'},
103             surname     => $bor->{'surname'},
104             firstname   => $bor->{'firstname'},
105             borrowernumber => $bor->{'borrowernumber'},
106             cardnumber => $bor->{'cardnumber'},
107             categorycode => $bor->{'categorycode'},
108             category_type => $bor->{'category_type'},
109             categoryname => $bor->{'description'},
110             address => $bor->{'address'},
111             address2 => $bor->{'address2'},
112             city => $bor->{'city'},
113             state => $bor->{'state'},
114             zipcode => $bor->{'zipcode'},
115             country => $bor->{'country'},
116             phone => $bor->{'phone'},
117             email => $bor->{'email'},
118             branchcode => $bor->{'branchcode'},
119             branchname => GetBranchName($bor->{'branchcode'}),
120             userid      => $bor->{'userid'},
121             destination => $destination,
122                 is_child        => ($bor->{'category_type'} eq 'C'),
123                 activeBorrowerRelationship => (C4::Context->preference('borrowerRelationship') ne ''),
124         minPasswordLength => $minpw
125         );
126
127 if( scalar(@errors )){
128         $template->param( errormsg => 1 );
129         foreach my $error (@errors) {
130         $template->param($error) || $template->param( $error => 1);
131         }
132
133 }
134
135 output_html_with_http_headers $input, $cookie, $template->output;