[LON-CAPA-cvs] cvs: loncom /interface resetpw.pm

Thu Aug 29 20:09:39 EDT 2019

raeburn		Fri Aug 30 00:09:39 2019 EDT

  Modified files:              
    /loncom/interface	resetpw.pm 
  Log:
  - Include domain when checking captcha submission
  - Point "Go back" link at /adm/resetpw so a new captcha is displayed.
  
  
Index: loncom/interface/resetpw.pm
diff -u loncom/interface/resetpw.pm:1.45 loncom/interface/resetpw.pm:1.46

--- loncom/interface/resetpw.pm:1.45	Fri Apr 26 20:22:18 2019
+++ loncom/interface/resetpw.pm	Fri Aug 30 00:09:39 2019
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Allow access to password changing via a token sent to user's e-mail. 
 #
-# $Id: resetpw.pm,v 1.45 2019/04/26 20:22:18 raeburn Exp $
+# $Id: resetpw.pm,v 1.46 2019/08/30 00:09:39 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -305,7 +305,7 @@
             my $earlyout;
             unless ($passwdconf{'captcha'} eq 'unused') {
                 my ($captcha_chk,$captcha_error) =
-                    &Apache::loncommon::captcha_response('passwords',$server);
+                    &Apache::loncommon::captcha_response('passwords',$server,$dom_in_effect);
                 if ($captcha_chk != 1) {
                     my $error = 'captcha'; 
                     if ($passwdconf{'captcha'} eq 'recaptcha') {
@@ -359,7 +359,7 @@
                             }
                             foreach my $item (@items) {
                                 if ($item =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/) {
-                                    unless (grep(/^\Q$item\E$/i, at allemails)) { 
+                                    unless (grep(/^\Q$item\E$/i, at allemails)) {
                                         push(@allemails,$item);
                                     }
                                 }
@@ -727,7 +727,7 @@
                           '<p class="LC_warning">'
                          .&mt('Please enter a password that you have not used recently.')
                          .'</p>'
-                         .&display_actions($contact_email,$domdesc)
+                         .&display_actions($contact_email,$domdesc,$token)
                     );
                 } else {
                     $r->print(&generic_failure_msg($contact_name,$contact_email));
@@ -824,9 +824,13 @@
 }
 
 sub display_actions {
-    my ($contact_email, $domdesc) = @_;
+    my ($contact_email,$domdesc,$token) = @_;
+    my $url = '/adm/resetpw';
+    if ($token) {
+        $url .= '?token='.&escape($token);
+    }
     my @msg = (&mt('[_1]Go back[_2] and try again',
-                   '<a href="javascript:history.go(-1)">','</a>'));
+                   '<a href="'.$url.'">','</a>'));
     my $msg2 = '';
     if ($contact_email ne '') {
         my $escuri = &HTML::Entities::encode('/adm/resetpw','&<>"');


