Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/members/member-password.pl
Owen Leonard 4a6ec50c62 Fix for Bug 5280 - Fix password field so that the password is masked as it is entered 
This patch changes the password field to a password type input on
member-password.pl and adds a confirmation field to both member-password.pl
and memberentry.pl requiring that the password be re-entered to
confirm.

Client-side and server-side validation for the two password fields has been added
to both pages. Multiple error messages can now be displayed together on
member-password.pl.

If the user wishes for Koha to suggest a random password on member-password.pl
they can click a link which will remove the password-type input fields, replace
them with text-type fields, and automatically fill them with the random
password suggestion.

Follow-up fix lets the members.js correctly handling errors when there are
no mandatory fields

LR followup: fixing slight error that corrects previously reported template error.

Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Tested password setting/changing utilities - all work as expected and described.
Passes prove t xt t/db_dependent tests congruent with current master failures (adds no new fails).

Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
2012-02-13 16:39:59 +01:00

135 lines
4.5 KiB
Perl
Executable file
Raw Blame History

#!/usr/bin/perl
#script to set the password, and optionally a userid, for a borrower
#written 2/5/00
#by chris@katipo.co.nz
#converted to using templates 3/16/03 by mwhansen@hmc.edu
use strict;
use warnings;
use C4::Auth;
use C4::Output;
use C4::Context;
use C4::Members;
use C4::Branch;
use C4::Circulation;
use CGI;
use C4::Members::Attributes qw(GetBorrowerAttributes);
use Digest::MD5 qw(md5_base64);
my $input = new CGI;
my $theme = $input->param('theme') || "default";
# only used if allowthemeoverride is set
my ($template, $loggedinuser, $cookie, $staffflags)
= get_template_and_user({template_name => "members/member-password.tmpl",
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => {borrowers => 1},
debug => 1,
});
my $flagsrequired;
$flagsrequired->{borrowers}=1;
#my ($loggedinuser, $cookie, $sessionID) = checkauth($input, 0, $flagsrequired);
my $member=$input->param('member');
my $cardnumber = $input->param('cardnumber');
my $destination = $input->param('destination');
my @errors;
my ($bor)=GetMember('borrowernumber' => $member);
if(( $member ne $loggedinuser ) && ($bor->{'category_type'} eq 'S' ) ) {
push(@errors,'NOPERMISSION') unless($staffflags->{'superlibrarian'} || $staffflags->{'staffaccess'} );
# need superlibrarian for koha-conf.xml fakeuser.
}
my $newpassword = $input->param('newpassword');
my $newpassword2 = $input->param('newpassword2');
push(@errors,'NOMATCH') if ( ( $newpassword && $newpassword2 ) && ($newpassword ne $newpassword2) );
my $minpw = C4::Context->preference('minPasswordLength');
push(@errors,'SHORTPASSWORD') if( $newpassword && $minpw && (length($newpassword) < $minpw ) );
if ( $newpassword && !scalar(@errors) ) {
my $digest=md5_base64($input->param('newpassword'));
my $uid = $input->param('newuserid');
my $dbh=C4::Context->dbh;
if (changepassword($uid,$member,$digest)) {
$template->param(newpassword => $newpassword);
if ($destination eq 'circ') {
print $input->redirect("/cgi-bin/koha/circ/circulation.pl?findborrower=$cardnumber");
} else {
print $input->redirect("/cgi-bin/koha/members/moremember.pl?borrowernumber=$member");
}
} else {
push(@errors,'BADUSERID');
}
} else {
my $userid = $bor->{'userid'};
my $chars='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
my $length=int(rand(2))+C4::Context->preference("minPasswordLength");
my $defaultnewpassword='';
for (my $i=0; $i<$length; $i++) {
$defaultnewpassword.=substr($chars, int(rand(length($chars))),1);
}
$template->param( defaultnewpassword => $defaultnewpassword );
}
if ( $bor->{'category_type'} eq 'C') {
my ( $catcodes, $labels ) = GetborCatFromCatType( 'A', 'WHERE category_type = ?' );
my $cnt = scalar(@$catcodes);
$template->param( 'CATCODE_MULTI' => 1) if $cnt > 1;
$template->param( 'catcode' => $catcodes->[0]) if $cnt == 1;
}
$template->param( adultborrower => 1 ) if ( $bor->{'category_type'} eq 'A' );
my ($picture, $dberror) = GetPatronImage($bor->{'cardnumber'});
$template->param( picture => 1 ) if $picture;
if (C4::Context->preference('ExtendedPatronAttributes')) {
my $attributes = GetBorrowerAttributes($bor->{'borrowernumber'});
$template->param(
ExtendedPatronAttributes => 1,
extendedattributes => $attributes
);
}
$template->param( othernames => $bor->{'othernames'},
surname => $bor->{'surname'},
firstname => $bor->{'firstname'},
borrowernumber => $bor->{'borrowernumber'},
cardnumber => $bor->{'cardnumber'},
categorycode => $bor->{'categorycode'},
category_type => $bor->{'category_type'},
categoryname => $bor->{'description'},
address => $bor->{'address'},
address2 => $bor->{'address2'},
city => $bor->{'city'},
state => $bor->{'state'},
zipcode => $bor->{'zipcode'},
country => $bor->{'country'},
phone => $bor->{'phone'},
email => $bor->{'email'},
branchcode => $bor->{'branchcode'},
branchname => GetBranchName($bor->{'branchcode'}),
userid => $bor->{'userid'},
destination => $destination,
is_child => ($bor->{'category_type'} eq 'C'),
activeBorrowerRelationship => (C4::Context->preference('borrowerRelationship') ne ''),
minPasswordLength => $minpw
);
if( scalar(@errors )){
$template->param( errormsg => 1 );
foreach my $error (@errors) {
$template->param($error) || $template->param( $error => 1);
}
}
output_html_with_http_headers $input, $cookie, $template->output;
View git blame Copy permalink