83297718c59f5540eccc0ed85472a4930c675062 chinhli Mon May 14 16:16:35 2012 -0700 Finalized send new password email test. diff --git src/hg/hgLogin/hgLogin.c src/hg/hgLogin/hgLogin.c index 3d9d635..b0e919f 100644 --- src/hg/hgLogin/hgLogin.c +++ src/hg/hgLogin/hgLogin.c @@ -122,54 +122,54 @@ return TRUE; else return FALSE; } unsigned int randInt(unsigned int n) /* little randome number helper returns 0 to n-1 */ { return (unsigned int) n * (rand() / (RAND_MAX + 1.0)); } char *generateRandomPassword() /* Generate random password for users who have lost their old one. */ { char boundary[256]; -char punc[] = "!@#$%^&*()"; +char punc[] = "!@#$%&()"; /* choose a new string for the boundary */ /* Set initial seed */ int i = 0; int r = 0; char c = ' '; boundary[0]=0; srand( (unsigned)time( NULL ) ); for(i=0;i<8;++i) { r = randInt(4); switch (r) { case 0 : c = 'A' + randInt(26); break; case 1 : c = 'a' + randInt(26); break; case 2 : c = '0' + randInt(10); break; default: - c = punc[randInt(10)]; + c = punc[randInt(8)]; break; } boundary[i] = c; } boundary[i]=0; return cloneString(boundary); } /* ---- General purpose helper routines. ---- */ void backToHgSession(int nSec) /* delay for N/10 micro seconds then go back to hgSession page */ { char *hgLoginHost = wikiLinkHost(); int delay=nSec*100; hPrintf("<script language=\"JavaScript\">\n" @@ -289,38 +289,41 @@ char query[256]; /* find all the user names assocaited with this email address */ char user[256]; safef(query,sizeof(query),"select * from gbMembers where email='%s'", email); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { struct gbMembers *m = gbMembersLoad(row); safef(user, sizeof(user), m->userName); mailUsername(email, user); } sqlFreeResult(&sr); } -void mailNewPassword(char *username, char *email, char *password) +void sendNewPwdMail(char *username, char *email, char *password) /* send user new password */ { char subject[256]; -char msg[256]; +char msg[4096]; char signature[256]="\nUCSC Genome Browser \nhttp://www.genome.ucsc.edu "; -safef(subject, sizeof(subject),"Greeting form UCSC Genome Browser"); -safef(msg, sizeof(msg), "New password for user %s: \n\n %s \n", username, password); +char *remoteAddr=getenv("REMOTE_ADDR"); +safef(subject, sizeof(subject),"New temporary password for UCSC Genome Browse"); +safef(msg, sizeof(msg), + "Someone (probably you, from IP address %s) requested a new password for UCSC Genome Browser (http://genome.ucsc.edu). A temporary password for user \"%s\" has been created and was set to \"%s\". If this was your intent, you will need to log in and choose a new password now. Your temporary password will expire in 7 days.\nIf someone else made this request, or if you have remembered your password, and you no longer wish to change it, you may ignore this message and continue using your old password.\n", + remoteAddr, username, password); safecat (msg, sizeof(msg), signature); sendMailOut(email, subject, msg); } void displayAccHelpPage(struct sqlConnection *conn) /* draw the account help page */ { char *email = cartUsualString(cart, "hgLogin_email", ""); char *username = cartUsualString(cart, "hgLogin_userName", ""); //cartRemove(cart, "hgLogin_helpWith"); //cartRemove(cart, "hgLogin_email"); hPrintf("<script language=\"JavaScript\">\n" "<!-- " "\n" "function toggle(value){\n" @@ -377,31 +380,31 @@ void sendNewPassword(struct sqlConnection *conn, char *username, char *password) /* email user new password */ { struct sqlResult *sr; char query[256]; /* find email address assocaited with this username */ safef(query,sizeof(query),"select email from gbMembers where userName='%s'", username); char *email = sqlQuickString(conn, query); if (!email || sameString(email,"")) { freez(&errMsg); errMsg = cloneString("Email address not found."); displayAccHelpPage(conn); return; } -mailNewPassword(username, email, password); +sendNewPwdMail(username, email, password); sqlFreeResult(&sr); } void lostPassword(struct sqlConnection *conn, char *username) /* Generate and mail new password to user */ { char query[256]; char *password = generateRandomPassword(); char encPwd[45] = ""; encryptNewPwd(password, encPwd, sizeof(encPwd)); safef(query,sizeof(query), "update gbMembers set lastUse=NOW(),newPassword='%s', newPasswordExpire=DATE_ADD(NOW(), INTERVAL 7 DAY), passwordChangeRequired='Y' where userName='%s'", sqlEscapeString(encPwd), sqlEscapeString(username)); sqlUpdate(conn, query); sendNewPassword(conn, username, password); return;