27503f94cdbf0d7d8f6f643e9e2ab6b68e2d7ae3 chinhli Wed May 2 13:03:56 2012 -0700 finished gbMembers table expansion to include security tokens.
diff --git src/hg/hgLogin/hgLogin.c src/hg/hgLogin/hgLogin.c
index ebd5833..4438876 100644
--- src/hg/hgLogin/hgLogin.c
+++ src/hg/hgLogin/hgLogin.c
@@ -52,86 +52,108 @@ "

UCSC Genome Browser

" "

An email has been sent to " " %s containing %s...

" "\n" "

Return to Login

" , email , obj ); } void sendMail(char *email, char *subject, char *msg) { char *hgLoginHost = hgLoginLinkHost(); char *helpWith = cartUsualString(cart, "hgLogin_helpWith", ""); char cmd[256]; safef(cmd,sizeof(cmd), -// "echo 'Hello from your favoriate browser at: %s %s ' | mail -s \"Greeting form UCSC Genome Browser\" %s" -// , msg, httpLink, email); -//"echo '%s' | mail -s \"Greeting from uCSC\" %s" "echo '%s' | mail -s \"%s\" %s" , msg, subject, email); int result = system(cmd); if (result == -1) { hPrintf( "

UCSC Genome Browser

" "

" "

" "

Error emailing %s to: %s

" "Click here to return.
" , helpWith , email ); } else { // cartSetString(cart, "hgLogin_helpWith", "password"); hPrintf( "" , hgLoginHost ); - -cartSetString(cart, "hgLogin.do.displayMailSuccess", "1"); -//displayMailSuccess("password"); -//return; } } -void sendUsername(char *email, char *users) +void mailUsername(char *email, char *users) /* send user name list to the email address */ { char subject[256]; char msg[256]; char signature[256]="\nUCSC Genome Browser \nhttp://www.genome.ucsc.edu "; safef(subject, sizeof(subject),"Greeting form UCSC Genome Browser"); safef(msg, sizeof(msg), "User name(s) associated with this email address at UCSC Genome Browser: \n\n %s \n", users); safecat (msg, sizeof(msg), signature); sendMail(email, subject, msg); } -void activateAccount(struct sqlConnection *conn) -/* activate account */ + +void sendUsername(struct sqlConnection *conn) +/* email user username(s) */ { struct sqlResult *sr; char **row; char query[256]; +char *email = cartUsualString(cart, "hgLogin_email", ""); + +/* TODO: validate the email address is in right format */ +/* find all the user names assocaited with this email address */ +char userList[256]=""; +safef(query,sizeof(query),"select * from gbMembers where email='%s'", email); +sr = sqlGetResult(conn, query); +int numUser = 0; +while ((row = sqlNextRow(sr)) != NULL) + { + struct gbMembers *m = gbMembersLoad(row); + if (numUser >= 1) + safecat(userList, sizeof(userList), ", "); + safecat(userList, sizeof(userList), m->userName); + numUser += 1; + } +sqlFreeResult(&sr); +mailUsername(email, userList); +} + + +/*************** to-do below *********************/ +void activateAccount(struct sqlConnection *conn) +/* activate account */ +{ +// struct sqlResult *sr; +// char **row; +char query[256]; char *token = cgiUsualString("hgLogin_activateAccount", ""); safef(query,sizeof(query),"Token is %s ", token); if (!sameString(token,"")) { freez(&errMsg); errMsg = cloneString(query); displayLoginPage(conn); return; } } /* -------- password 
functions ---- */ void cryptWikiWay(char *password, char *salt, char* result) // encrypt password as mediawiki does: ':B:'.$salt.':'. md5($salt.'-'.md5($password ) { @@ -370,78 +392,78 @@ hPrintf("
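Review bot: The new `sendUsername` formats the cart value `hgLogin_email` straight into the SQL text and then passes it on to `sendMail`, where it becomes part of the string given to `system()`; the only guard is the TODO about validating the address. Other statements in this file already escape their arguments, so the query should read `safef(query,sizeof(query),"select * from gbMembers where email='%s'", sqlEscapeString(email));`. For the mail step, reject any address that fails a strict format check before `mailUsername(email, userList)` is reached, and preferably have `sendMail` hand the recipient to the mailer as a separate argument instead of composing a shell line, since `msg` and `subject` sit inside the same quoted command. The `struct gbMembers *m` loaded for each row is never freed, and `lostPassword` in the next hunk carries the same unescaped `email='%s'` query as unchanged context.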

Members

"); hPrintf(""); hPrintf(""); sr = sqlGetResult(conn, "select * from members"); while ((row = sqlNextRow(sr)) != NULL) { hPrintf("",row[0],row[1]); } sqlFreeResult(&sr); hPrintf("
emailpassword
%s%s
"); } - +/************************************************************ void lostPasswordPage(struct sqlConnection *conn) -/* draw the lost password page */ +// draw the lost password page { hPrintf( "

UCSC Genome Browser

" "

" "

" "%s" "

Send Me A New Password

" "
" "" "" "" "
E-mail " "(your e-mail is also your user-id)
 " " 
" "
" , errMsg ? errMsg : "" ); cartSaveSession(cart); hPrintf("
"); } - +**************************************************************/ void lostPassword(struct sqlConnection *conn) /* process the lost password form */ { char query[256]; char cmd[256]; char *email = cartUsualString(cart, "hgLogin_email", ""); if (!email || sameString(email,"")) { freez(&errMsg); errMsg = cloneString("Email cannot be blank."); - lostPasswordPage(conn); + // lostPasswordPage(conn); return; } safef(query,sizeof(query), "select password from gbMembers where email='%s'", email); char *password = sqlQuickString(conn, query); if (!password) { freez(&errMsg); errMsg = cloneString("Email not found."); - lostPasswordPage(conn); + // lostPasswordPage(conn); return; } freez(&password); password = generateRandomPassword(); char encPwd[45] = ""; encryptNewPwd(password, encPwd, sizeof(encPwd)); safef(query,sizeof(query), "update gbMembers set password='%s' where email='%s'", sqlEscapeString(encPwd), sqlEscapeString(email)); sqlUpdate(conn, query); updatePasswordsFile(conn); safef(cmd,sizeof(cmd), "echo 'Your new password is: %s' | mail -s \"Lost GSID HIV password\" %s" , password, email); @@ -755,51 +777,53 @@ return; } if (password && password2 && !sameString(password, password2)) { freez(&errMsg); errMsg = cloneString("Passwords do not match."); signupPage(conn); return; } /* pass all the checks, OK to create the account now */ char encPwd[45] = ""; encryptNewPwd(password, encPwd, sizeof(encPwd)); safef(query,sizeof(query), "insert into gbMembers set " "userName='%s',password='%s',email='%s', " - "lastUse=NOW(),activated='N',dateAuthenticated='9999-12-31 23:59:59'", + "lastUse=NOW(),accountActivated='N'", sqlEscapeString(user),sqlEscapeString(encPwd),sqlEscapeString(email)); sqlUpdate(conn, query); hPrintf( "
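Review bot: With both `lostPasswordPage(conn);` calls commented out, the "Email cannot be blank." and "Email not found." branches of `lostPassword` now set `errMsg` and return without rendering anything, while `hgLogin.do.lostPassword` is still dispatched in the last hunk. If the handler is meant to stay reachable, show the message through the page that replaced the old form, e.g. `displayAccHelpPage(conn);` before each `return;` (assuming a prototype is visible at this point in the file); otherwise remove the dispatch entry too. Deleting `lostPasswordPage` outright would be cleaner than fencing it in a `/**** ... ****/` block, which is the reason its own `/* ... */` comment had to be rewritten as `//`. `lostPassword` continues past the end of this hunk.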

UCSC Genome Browser

\n" "

\n" "

\n" "

User %s successfully added.

\n" , user ); /* TODO: cleanup the hgLogin_xxxx vars in the cart */ backToHgSession(2); } void displayAccHelpPage(struct sqlConnection *conn) /* draw the account help page */ { char *email = cartUsualString(cart, "hgLogin_email", ""); +// cartRemove(cart, "hgLogin_helpWith"); +//cartRemove(cart, "hgLogin_email"); hPrintf( "
" "\n" "

UCSC Genome Browser

" "\n" "

Having trouble signing in?

" "\n" "
" "\n" "

%s

" "\n" , errMsg ? errMsg : "" ); hPrintf( "

" @@ -813,86 +837,64 @@ ); hPrintf( "
" "" "" "
" "\n" "
" " " "  Cancel" "
" "" "
" , email ); +cartSaveSession(cart); } void accountHelp(struct sqlConnection *conn) /* email user username(s) or new password */ { -struct sqlResult *sr; -char **row; -char query[256]; +// struct sqlResult *sr; +// char **row; +// char query[256]; char *email = cartUsualString(cart, "hgLogin_email", ""); +char *helpWith = cartUsualString(cart, "hgLogin_helpWith", ""); + if (sameString(email,"")) { freez(&errMsg); errMsg = cloneString("Email address cannot be blank."); displayAccHelpPage(conn); return; } /* TODO: validate the email address is in right format */ /* Username selcted? */ -char *helpWith = cartUsualString(cart, "hgLogin_helpWith", ""); if (sameString(helpWith,"username")) { - /* find all the user names assocaited with this email address */ - char userList[256]=""; - safef(query,sizeof(query),"select * from gbMembers where email='%s'", email); - sr = sqlGetResult(conn, query); - int numUser = 0; - while ((row = sqlNextRow(sr)) != NULL) - { - struct gbMembers *m = gbMembersLoad(row); - if (numUser >= 1) - safecat(userList, sizeof(userList), ", "); - safecat(userList, sizeof(userList), m->userName); - numUser += 1; - } - sqlFreeResult(&sr); - if (numUser == 0) - { - freez(&errMsg); - char temp[256]; - safef(temp,sizeof(temp),"No user found with this email address."); - errMsg = cloneString(temp); - displayAccHelpPage(conn); - return; - } else { - sendUsername(email, userList); + sendUsername(conn); } - } /* helpWith username */ - if (sameString(helpWith,"password")) { freez(&errMsg); errMsg = cloneString("Forgot password selected!"); displayAccHelpPage(conn); return; } +//cartRemove(cart, "hgLogin_helpWith"); displayAccHelpPage(conn); return; } /* ----- account login/display functions ---- */ void displayLoginPage(struct sqlConnection *conn) /* draw the account login page */ { char *username = cartUsualString(cart, "hgLogin_userName", ""); /* for password security, use cgi hash instead of cart */ // char *password = cgiUsualString("hgLogin_password", ""); 
@@ -1200,32 +1202,32 @@ updatePasswordsFile(conn); hPrintf( "

UCSC Genome Browser

" "

" "

" "

Successfully updated the authentication file.

" "Click here to return.
" ); } /******************************************************************* else if (cartVarExists(cart, "hgLogin.do.lostUserNamePage")) lostUserNamedPage(conn); else if (cartVarExists(cart, "hgLogin.do.lostUserName")) lostUserName(conn); ********************************************************************/ -else if (cartVarExists(cart, "hgLogin.do.lostPasswordPage")) - lostPasswordPage(conn); +// else if (cartVarExists(cart, "hgLogin.do.lostPasswordPage")) +// lostPasswordPage(conn); else if (cartVarExists(cart, "hgLogin.do.lostPassword")) lostPassword(conn); else if (cartVarExists(cart, "hgLogin.do.changePasswordPage")) changePasswordPage(conn); else if (cartVarExists(cart, "hgLogin.do.changePassword")) changePassword(conn); else if (cartVarExists(cart, "hgLogin.do.displayUserInfo")) displayUserInfo(conn); else if (cartVarExists(cart, "hgLogin.do.displayAccHelpPage")) displayAccHelpPage(conn); else if (cartVarExists(cart, "hgLogin.do.accountHelp")) accountHelp(conn); else if (cartVarExists(cart, "hgLogin.do.activateAccount")) activateAccount(conn); else if (cartVarExists(cart, "hgLogin.do.displayMailSuccess"))