Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-password-recovery.tt
Fridolin Somers 214a0e6102 Bug 18955 - autocomplete is on in OPAC password recovery 
In OPAC password recovery form autocomplete is not disabled.
So when login or email is entered, it is saved in browser input history for autocomplete.
This is a major issue for OPAC on computers with public access.

This patch adds autocomplete off on forms.

Test :
- Enable system preferences OpacPasswordChange and OpacResetPassword
- Go to OPAC
- Be sure to not be logged in
- Click on "Forgot your password?"
- Enter a loggin and email and Submit
=> Without patch there is an autocompletion with values you entered
=> With patch there is no autocompletion

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-24 14:05:38 -03:00

130 lines
6.8 KiB
Text
Raw Blame History

[% USE Koha %]
[% INCLUDE 'doc-head-open.inc' %]
<title>[% IF ( LibraryNameTitle ) %][% LibraryNameTitle %] - Forgotten password recovery[% ELSE %]Koha online[% END %] catalog - Forgotten password recovery</title>
[% INCLUDE 'doc-head-close.inc' %]
[% BLOCK cssinclude %][% END %]
[% BLOCK jsinclude %]
<script type="text/javascript" language="javascript">
$(function() {
$("#CheckAll").click(function(){
$("[name=deleteRequest]").attr('checked', true);
return false;
});
$("#CheckNone").click(function(){
$("[name=deleteRequest]").attr('checked', false);
return false;
});
$("select#type").change(function() {
$("fieldset#serial, fieldset#book, fieldset#chapter").hide()
$("fieldset#" + $(this).val() ).show();
});
});
</script>
[% END %]
</head>
[% INCLUDE 'bodytag.inc' bodyid='opac-password-recovery' %]
[% INCLUDE 'masthead.inc' %]
<div class="main">
<ul class="breadcrumb">
<li><a href="/cgi-bin/koha/opac-main.pl">Home</a> <span class="divider">&rsaquo;</span></li>
<li><a href="#">Forgotten password recovery</a></li>
</ul>
<div class="container-fluid">
<div class="row-fluid">
<div class="span2">
[% IF ( OpacPublic ) %]
<div id="navigation">
[% INCLUDE 'navigation.inc' IsPatronPage=0 %]
</div>
[% END %]
</div>
<div class="span10">
<h3>Forgotten password recovery</h3>
[% IF (hasError) %]
<div class="alert alert-warning">
<h3>Error</h3>
<p>
[% IF (sendmailError) %]
An error has occurred while sending you the password recovery link.
<br/>Please try again later.
[% ELSIF (errNoBorrowerFound) %]
No account was found with the provided information.
[% ELSIF (errMultipleAccountsForEmail) %]
Account identification with this email address only is ambiguous.
<br />Please use the field 'Login' as well.
[% ELSIF (errAlreadyStartRecovery) %]
The process of password recovery has already been started for this account ("<strong>[% username %]</strong>")
<br/>You should have received an email with a link to reset your password.
<br/>If you did not receive this email, you can request a new one: <a href="/cgi-bin/koha/opac-password-recovery.pl?resendEmail=true&email=[% email %]&username=[% username %]">Get new password recovery link</a>
[% ELSIF (errPassNotMatch) %]
The passwords do not match.
[% ELSIF (errPassTooShort) %]
Your chosen password is too short.
<br/>The password must contain at least [% minPassLength %] characters.
[% ELSIF (errLinkNotValid) %]
The link you clicked is either invalid, or expired.
<br/>Be sure you used the link from the email, or contact library staff for assistance.
[% END %]
</p>
<p>Please contact the library if you need further assistance.</p>
</div>
[% END %]
<div id="password-recovery">
[% IF (!Koha.Preference('OpacResetPassword')) %]
<div class="alert alert-info">You can't reset your password.</div>
[% ELSIF (password_recovery) %]
<form action="/cgi-bin/koha/opac-password-recovery.pl" method="post" autocomplete="off">
<input type="hidden" name="koha_login_context" value="opac" />
<fieldset>
<p>To reset your password, enter your login and your email address.
<label for="username">Login:</label>
<input type="text" id="username" size="40" name="username" value="[% username %]" />
<label for="email">Email:</label>
<input type="text" id="email" size="40" name="email" value="[% email %]" />
<fieldset class="action">
<input type="submit" value="Submit" class="btn" name="sendEmail" />
</fieldset>
</fieldset>
</form>
[% ELSIF (new_password) %]
<form action="/cgi-bin/koha/opac-password-recovery.pl" method="post" autocomplete="off">
<input type="hidden" name="koha_login_context" value="opac" />
<fieldset>
<div class="alert alert-info">The password must contain at least [% minPassLength %] characters.</div>
<label for="password">New password:</label>
<input type="password" id="password" size="40" name="password" />
<label for="repeatPassword">Confirm new password:</label>
<input type="password" id="repeatPassword" size="40" name="repeatPassword" />
<fieldset class="action">
<input type="hidden" name="username" value="[% username %]" />
<input type="hidden" name="uniqueKey" value="[% uniqueKey %]" />
<input type="submit" value="Submit" class="btn" name="passwordReset" />
</fieldset>
</fieldset>
</form>
[% ELSIF (mail_sent) %]
<div class="alert alert-info">
<p>
You will receive an email shortly.
<br/>Please click the link in this email to finish the process of resetting your password.
<br/>This link is valid for 2 days starting now.
</p>
<a href="/cgi-bin/koha/opac-main.pl"">Return to the main page</a>
</div>
[% ELSIF (password_reset_done) %]
<div class="alert alert-success">
<p>The password has been changed for user "[% username %]".</p>
<a href="/cgi-bin/koha/opac-user.pl">Click here to login.</a>
</div>
[% END %]
</div><!-- / #password-recovery -->
</div><!-- / .span10 -->
</div><!-- / .row-fluid -->
</div><!-- / .container-fluid -->
</div><!-- / .main -->
[% INCLUDE 'opac-bottom.inc' %]
View git blame Copy permalink