95d4a048318a2bb57d2f895761126f93aafe04fa chinhli Sun May 6 16:48:37 2012 -0700 Minor clean up. diff --git src/hg/hgLogin/hgLogin.c src/hg/hgLogin/hgLogin.c index 714aae9..c490c58 100644 --- src/hg/hgLogin/hgLogin.c +++ src/hg/hgLogin/hgLogin.c @@ -60,156 +60,153 @@ "\n" /* TODO: afterDelayBackTo("http....") */ "window.setTimeout(afterDelay, %d);\n" "function afterDelay() {\n" "window.location =\"%s\";" "\n}" "\n" "//-->" "\n" "</script>" ,delay ,returnTo); } - - void displayMailSuccess() /* display mail success confirmation box */ { char *email = cartUsualString(cart, "hgLogin_email", ""); char *obj=cartUsualString(cart, "hgLogin_helpWith", ""); // safecpy(obj, sizeof(obj),object); hPrintf( "<div id=\"confirmationBox\" class=\"centeredContainer formBox\">" "\n" "<h2>UCSC Genome Browser</h2>" "<p id=\"confirmationMsg\" class=\"confirmationTxt\">An email has been sent to " " <span id=\"emailaddress\">%s</span> containing %s...</p>" "\n" "<p><a href=\"hgLogin?hgLogin.do.displayLoginPage=1\">Return to Login</a></p>" , email , obj ); } void sendMail(char *email, char *subject, char *msg) { char *hgLoginHost = wikiLinkHost(); -char *helpWith = cartUsualString(cart, "hgLogin_helpWith", ""); +char *obj = cartUsualString(cart, "hgLogin_helpWith", ""); char cmd[256]; safef(cmd,sizeof(cmd), "echo '%s' | mail -s \"%s\" %s" , msg, subject, email); int result = system(cmd); if (result == -1) { hPrintf( "<h2>UCSC Genome Browser</h2>" "<p align=\"left\">" "</p>" "<h3>Error emailing %s to: %s</h3>" "Click <a href=hgLogin?hgLogin.do.displayAccHelpPage=1>here</a> to return.<br>" - , helpWith + , obj , email ); } else { -// cartSetString(cart, "hgLogin_helpWith", "password"); hPrintf( "<script language=\"JavaScript\">\n" "<!-- " "\n" "window.location =\"http://%s/cgi-bin/hgLogin?hgLogin.do.displayMailSuccess=1\"" "//-->" "\n" "</script>" , hgLoginHost ); } +// cartRemove(cart, "hgLogin_helpWith"); } void mailUsername(char *email, char *users) /* send user name list to the email address */ { char subject[256]; char msg[256]; char signature[256]="\nUCSC Genome Browser \nhttp://www.genome.ucsc.edu "; safef(subject, sizeof(subject),"Greeting form UCSC Genome Browser"); safef(msg, sizeof(msg), "User name(s) associated with this email address at UCSC Genome Browser: \n\n %s \n", users); safecat (msg, sizeof(msg), signature); sendMail(email, subject, msg); } void sendUsername(struct sqlConnection *conn, char *email) /* email user username(s) */ { struct sqlResult *sr; char **row; char query[256]; -// char *email = cartUsualString(cart, "hgLogin_email", ""); /* TODO: validate the email address is in right format */ /* find all the user names assocaited with this email address */ char user[256]; safef(query,sizeof(query),"select * from gbMembers where email='%s'", email); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { struct gbMembers *m = gbMembersLoad(row); safef(user, sizeof(user), m->userName); mailUsername(email, user); } sqlFreeResult(&sr); } -void generateNewPassword(struct sqlConnection *conn, char *username) -/* Generate a new password */ +void lostPassword(struct sqlConnection *conn, char *username) +/* Generate and mail new password to user */ { char query[256]; //char cmd[256]; char *password = generateRandomPassword(); char encPwd[45] = ""; encryptNewPwd(password, encPwd, sizeof(encPwd)); safef(query,sizeof(query), "update gbMembers set lastUse=NOW(),newPassword='%s', newPasswordExpire=DATE_ADD(NOW(), INTERVAL 7 DAY), passwordChangeRequired='Y' where userName='%s'", sqlEscapeString(encPwd), sqlEscapeString(username)); sqlUpdate(conn, query); -/* quick return check table */ sendNewPassword(conn, username, password); return; } void sendNewPassword(struct sqlConnection *conn, char *username, char *password) /* email user new password */ { struct sqlResult *sr; char query[256]; /* find all the user names assocaited with this email address */ safef(query,sizeof(query),"select email from gbMembers where userName='%s'", username); char *email = sqlQuickString(conn, query); if (!email || sameString(email,"")) { freez(&errMsg); errMsg = cloneString("Email address not found."); displayAccHelpPage(conn); return; } + mailNewPassword(username, email, password); sqlFreeResult(&sr); } void mailNewPassword(char *username, char *email, char *password) /* send user new password */ { char subject[256]; char msg[256]; char signature[256]="\nUCSC Genome Browser \nhttp://www.genome.ucsc.edu "; safef(subject, sizeof(subject),"Greeting form UCSC Genome Browser"); safef(msg, sizeof(msg), "New password for user %s: \n\n %s \n", username, password); safecat (msg, sizeof(msg), signature); sendMail(email, subject, msg); } @@ -451,100 +448,30 @@ hPrintf("<h1>Members</h1>"); hPrintf("<table>"); hPrintf("<th>email</th><th>password</th>"); sr = sqlGetResult(conn, "select * from members"); while ((row = sqlNextRow(sr)) != NULL) { hPrintf("<tr><td>%s</td><td>%s</td></tr>",row[0],row[1]); } sqlFreeResult(&sr); hPrintf("</table>"); } -void lostPassword(struct sqlConnection *conn) -/* process the lost password form */ -{ -char query[256]; -char cmd[256]; -char *username = cartUsualString(cart, "hgLogin_userName", ""); -if (!username || sameString(username,"")) - { - freez(&errMsg); - errMsg = cloneString("Username cannot be blank."); - // lostPasswordPage(conn); - return; - } -/**** scalfolding code before reset pwd is finished ***/ - else { - freez(&errMsg); - errMsg = cloneString("Generating new password....."); - // lostPasswordPage(conn); - return; - } - -safef(query,sizeof(query), "select password from gbMembers where userName='%s'", username); -char *password = sqlQuickString(conn, query); -if (!password) - { - freez(&errMsg); - errMsg = cloneString("Username not found."); - // lostPasswordPage(conn); - return; - } -freez(&password); -password = generateRandomPassword(); -char encPwd[45] = ""; -encryptNewPwd(password, encPwd, sizeof(encPwd)); - -safef(query,sizeof(query), "update gbMembers set password='%s' where userName='%s'", sqlEscapeString(encPwd), sqlEscapeString(username)); -sqlUpdate(conn, query); - -updatePasswordsFile(conn); - -safef(cmd,sizeof(cmd), -"echo 'Your new password is: %s' | mail -s \"Lost GSID HIV password\" %s" -, password, username); -int result = system(cmd); -if (result == -1) - { - hPrintf( - "<h2>UCSC Genome Browser</h2>" - "<p align=\"left\">" - "</p>" - "<h3>Error emailing password to: %s</h3>" - "Click <a href=hgLogin?hgLogin.do.signupPage=1>here</a> to return.<br>" - , username - ); - } -else - { - hPrintf( - "<h2>UCSC Genome Browser</h2>" - "<p align=\"left\">" - "</p>" - "<h3>Password has been emailed to: %s</h3>" - "Click <a href=hgLogin?hgLogin.do.signupPage=1>here</a> to return.<br>" - , username - ); - } - -freez(&password); -} - void changePasswordPage(struct sqlConnection *conn) /* change password page */ { hPrintf( "<div id=\"changePwBox\" class=\"centeredContainer formBox\">" "\n" "<h2>UCSC Genome Browser</h2>" "\n" "<h3>Change Password</h3>" "\n" "<p> <span style='color:red;'>%s</span> </p>" "\n" "<form method=\"post\" action=\"hgLogin\" name=\"changePasswordForm\" id=\"changePasswordForm\">" "\n" "<div class=\"inputGroup\">" @@ -952,35 +879,36 @@ errMsg = cloneString("Username cannot be blank."); displayAccHelpPage(conn); return; } else { safef(query,sizeof(query), "select password from gbMembers where userName='%s'", username); char *password = sqlQuickString(conn, query); if (!password) { freez(&errMsg); errMsg = cloneString("Username not found."); displayAccHelpPage(conn); return; } } - generateNewPassword(conn, username); + lostPassword(conn, username); + //sendNewPassword(conn, username, password); return; } -cartRemove(cart, "hgLogin_helpWith"); -cartRemove(cart, "hgLogin_email"); +// cartRemove(cart, "hgLogin_helpWith"); +// cartRemove(cart, "hgLogin_email"); // cartRemove(cart, "hgLogin_userName"); displayAccHelpPage(conn); return; } /* ----- account login/display functions ---- */ void displayLoginPage(struct sqlConnection *conn) /* draw the account login page */ { char *username = cartUsualString(cart, "hgLogin_userName", ""); /* for password security, use cgi hash instead of cart */ // char *password = cgiUsualString("hgLogin_password", ""); @@ -1259,40 +1187,30 @@ } void doMiddle(struct cart *theCart) /* Write the middle parts of the HTML page. * This routine sets up some globals and then * dispatches to the appropriate page-maker. */ { struct sqlConnection *conn = hConnectCentral(); cart = theCart; if (cartVarExists(cart, "debug")) debugShowAllMembers(conn); -/******************************************************************* -else if (cartVarExists(cart, "hgLogin.do.lostUserNamePage")) - lostUserNamedPage(conn); -else if (cartVarExists(cart, "hgLogin.do.lostUserName")) - lostUserName(conn); -********************************************************************/ -// else if (cartVarExists(cart, "hgLogin.do.lostPasswordPage")) -// lostPasswordPage(conn); -else if (cartVarExists(cart, "hgLogin.do.lostPassword")) - lostPassword(conn); else if (cartVarExists(cart, "hgLogin.do.changePasswordPage")) changePasswordPage(conn); else if (cartVarExists(cart, "hgLogin.do.changePassword")) changePassword(conn); else if (cartVarExists(cart, "hgLogin.do.displayUserInfo")) displayUserInfo(conn); else if (cartVarExists(cart, "hgLogin.do.displayAccHelpPage")) displayAccHelpPage(conn); else if (cartVarExists(cart, "hgLogin.do.accountHelp")) accountHelp(conn); else if (cartVarExists(cart, "hgLogin.do.activateAccount")) activateAccount(conn); else if (cartVarExists(cart, "hgLogin.do.displayMailSuccess")) displayMailSuccess(conn); else if (cartVarExists(cart, "hgLogin.do.displayLoginPage"))