Jonathan Druart
ac50959dcf
This patch removes a really ugly way to generate a password: the whole template was sent and parsed to retrieve the "#defaultnewpassfield" node. To avoid the password to be sent plain text it is certainly better to generate it client-side. The same kind of passwords will be generated: 0-9a-zA-Z The while loop prevents to get an invalid generated password. Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
144 lines
5.7 KiB
Text
144 lines
5.7 KiB
Text
[% USE Koha %]
|
|
[% USE Branches %]
|
|
[% INCLUDE 'doc-head-open.inc' %]
|
|
<title>Koha › Patrons › [% IF ( newpassword ) %]Password updated [% ELSE %]Update password for [% surname %], [% firstname %][% END %]</title>
|
|
[% INCLUDE 'doc-head-close.inc' %]
|
|
<script type="text/JavaScript">
|
|
//<![CDATA[
|
|
|
|
function generate_password() {
|
|
// Always generate a strong password
|
|
var chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
|
|
var length = [% minPasswordLength %];
|
|
var password='';
|
|
for ( var i = 0 ; i < length ; i++){
|
|
password += chars.charAt(Math.floor(Math.random()*chars.length));
|
|
}
|
|
return password;
|
|
}
|
|
$(document).ready(function() {
|
|
$("body").on('click', "#fillrandom",function(e) {
|
|
e.preventDefault();
|
|
var password = '';
|
|
var pattern_regex = /(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{[% minPasswordLength %],}/;
|
|
while ( ! pattern_regex.test( password ) ) {
|
|
password = generate_password();
|
|
}
|
|
$("#newpassword").val(password);
|
|
$("#newpassword").attr('type', 'text');
|
|
$("#newpassword2").val(password);
|
|
$("#newpassword2").attr('type', 'text');
|
|
});
|
|
$("div.hint").eq(0).after(" <div class=\"hint\"><a href=\"#\" id=\"fillrandom\">"+_("Click to fill with a randomly generated suggestion. ")+"<strong>"+_("Passwords will be displayed as text")+"</strong>.</a></div>");
|
|
|
|
$(document).ajaxStart(function () {
|
|
$("input[name^=newpassword]").hide();
|
|
$("label[for=newpassword2]").hide();
|
|
$(".hint:last").after($(".loading").show());
|
|
});
|
|
$(document).ajaxStop(function () {
|
|
$("input[name^=newpassword]").show();
|
|
$("label[for=newpassword2]").show();
|
|
$(".loading").hide();
|
|
$("label.error").hide();
|
|
});
|
|
[% IF NOMATCH %]
|
|
$("#newpassword").addClass('focus');
|
|
[% END %]
|
|
|
|
$("#changepasswordf").validate({
|
|
rules: {
|
|
newpassword: {
|
|
required: true,
|
|
password_strong: true,
|
|
password_no_spaces: true
|
|
},
|
|
newpassword2: {
|
|
required: true,
|
|
password_match: true
|
|
}
|
|
}
|
|
});
|
|
});
|
|
//]]>
|
|
</script>
|
|
</head>
|
|
<body id="pat_member-password" class="pat">
|
|
[% INCLUDE 'header.inc' %]
|
|
[% INCLUDE 'patron-search.inc' %]
|
|
|
|
<div id="breadcrumbs"><a href="/cgi-bin/koha/mainpage.pl">Home</a> › <a href="/cgi-bin/koha/members/members-home.pl">Patrons</a> › <a href="/cgi-bin/koha/members/moremember.pl?borrowernumber=[% borrowernumber %]">[% firstname %] [% surname %]</a> › [% IF ( newpassword ) %]Password Updated[% ELSE %]Change username and/or password[% END %]</div>
|
|
|
|
<div id="doc3" class="yui-t2">
|
|
|
|
<div id="bd">
|
|
<div id="yui-main">
|
|
<div class="yui-b">
|
|
[% INCLUDE 'members-toolbar.inc' %]
|
|
|
|
[% IF ( newpassword ) %]
|
|
<h1>Password Updated</h1>
|
|
|
|
[% ELSE %]
|
|
|
|
<form method="post" id="changepasswordf" action="/cgi-bin/koha/members/member-password.pl">
|
|
<input type="hidden" name="destination" value="[% destination %]" />
|
|
<input type="hidden" name="cardnumber" value="[% cardnumber %]" />
|
|
<input type="hidden" name="borrowernumber" id="borrowernumber" value="[% borrowernumber %]" />
|
|
[% IF ( errormsg ) %]
|
|
<div class="dialog alert">
|
|
<h4>The following errors have occurred:</h4>
|
|
<ul>
|
|
[% IF ( BADUSERID ) %]
|
|
<li>You have entered a username that already exists. Please choose another one.</li>
|
|
[% END %]
|
|
[% IF ( SHORTPASSWORD ) %]
|
|
<li><strong>The password entered is too short</strong>. Password must be at least [% minPasswordLength %] characters.</li>
|
|
[% END %]
|
|
[% IF ( NOPERMISSION ) %]
|
|
<li>You do not have permission to edit this patron's login information.</li>
|
|
[% END %]
|
|
[% IF ( NOMATCH ) %]
|
|
<li><strong>The passwords entered do not match</strong>. Please re-enter the new password.</li>
|
|
[% END %]
|
|
</ul>
|
|
</div>
|
|
[% END %]
|
|
|
|
|
|
<fieldset class="brief"><legend>Change username and/or password for [% firstname %] [% surname %]</legend>
|
|
<ol>
|
|
<li><label for="newuserid">New username:</label>
|
|
<input type="hidden" name="member" value="[% borrowernumber %]" /><input type="text" id="newuserid" name="newuserid" size="20" value="[% userid %]" /></li>
|
|
[% SET password_pattern = ".{" _ minPasswordLength _ ",}" %]
|
|
[% IF Koha.Preference('RequireStrongPassword') %]
|
|
[% SET password_pattern = '(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{' _ minPasswordLength _ ',}' %]
|
|
[% END %]
|
|
<li>
|
|
<label for="newpassword">New password:</label>
|
|
<div class="hint">Koha cannot display existing passwords. Leave the field blank to leave password unchanged.</div>
|
|
<input name="newpassword" id="newpassword" type="password" size="20" />
|
|
</li>
|
|
<li>
|
|
<label for="newpassword2">Confirm new password:</label>
|
|
<input name="newpassword2" id="newpassword2" type="password" size="20" />
|
|
</li>
|
|
</ol>
|
|
</fieldset>
|
|
<fieldset class="action">
|
|
<input type="hidden" name="csrf_token" value="[% csrf_token %]" />
|
|
<input type="submit" value="Save" />
|
|
<a class="cancel" href="/cgi-bin/koha/members/moremember.pl?borrowernumber=[% borrowernumber %]">Cancel</a>
|
|
</fieldset>
|
|
</form>[% END %]
|
|
|
|
</div>
|
|
</div>
|
|
<div class="loading hide"><strong>Processing...</strong><img src="[% interface %]/[% theme %]/img/loading.gif" alt="" /></div>
|
|
<div class="yui-b">
|
|
[% INCLUDE 'circ-menu.inc' %]
|
|
</div>
|
|
</div>
|
|
[% INCLUDE 'intranet-bottom.inc' %]
|
|
[% PROCESS 'password_check.inc' %]
|
|
[% PROCESS 'add_password_check' new_password => 'newpassword' %]
|