e5f4c23785729d1818ef342b5dc2f753347f269a chinhli Fri Jul 27 16:00:18 2012 -0700 Fixed redmine Bug #8341: To retrieve username, if user enter an email address that is not associated with any account, no mail should send out to the address. diff --git src/hg/hgLogin/hgLogin.c src/hg/hgLogin/hgLogin.c index 0f38905..b487ef0 100644 --- src/hg/hgLogin/hgLogin.c +++ src/hg/hgLogin/hgLogin.c @@ -367,42 +367,47 @@ } else { hPrintf("<script language=\"JavaScript\">\n" "<!-- \n" "window.location =\"http://%s/cgi-bin/hgLogin?hgLogin.do.displayActMailSuccess=1\"" "//-->" "\n" "</script>", hgLoginHost); } } void displayMailSuccess() /* display mail success confirmation box */ { +char *sendMailTo = cartUsualString(cart, "hgLogin_sendMailTo", ""); +char *sendMailContain = cartUsualString(cart, "hgLogin_sendMailContain", ""); hPrintf( "<div id=\"confirmationBox\" class=\"centeredContainer formBox\">" - "\n" "<h2>%s</h2>", brwName); hPrintf( - "<p id=\"confirmationMsg\" class=\"confirmationTxt\">An email has been sent to you \n" - "containing information that you requested.</p>" - "\n" + "<p id=\"confirmationMsg\" class=\"confirmationTxt\">An email has been sent to <B>%s</B> " + "containing %s information that you requested.<BR><BR>" + " If <B>%s</B> is not your registered email address, you will not receive an email." + " If you can't find the message we sent you, please contact %s for help.</p>", sendMailTo, sendMailContain, sendMailTo, returnAddr); +hPrintf( "<p><a href=\"hgLogin?hgLogin.do.displayLoginPage=1\">Return to Login</a></p>"); cartRemove(cart, "hgLogin_helpWith"); cartRemove(cart, "hgLogin_email"); cartRemove(cart, "hgLogin_userName"); +cartRemove(cart, "hgLogin_sendMailTo"); +cartRemove(cart, "hgLogin_sendMailContain"); } void sendMailOut(char *email, char *subject, char *msg) /* send mail to email address */ { char *hgLoginHost = wikiLinkHost(); char *obj = cartUsualString(cart, "hgLogin_helpWith", ""); char cmd[4096]; safef(cmd,sizeof(cmd), "echo '%s' | mail -s \"%s\" %s -- -f %s", msg, subject, email, returnAddr); int result = system(cmd); if (result == -1) { hPrintf( @@ -1013,61 +1018,61 @@ displayAccHelpPage(conn); return; } else if (spc_email_isvalid(email) == 0) { freez(&errMsg); errMsg = cloneString("Invalid email address format."); displayAccHelpPage(conn); return; } else { safef(query,sizeof(query), "select password from gbMembers where email='%s'", email); char *password = sqlQuickString(conn, query); - if (!password) + cartSetString(cart, "hgLogin_sendMailTo", email); + cartSetString(cart, "hgLogin_sendMailContain", "username(s)"); + if (!password) /* Email address not found */ { - freez(&errMsg); - errMsg = cloneString("Email address not found."); - displayAccHelpPage(conn); + displayMailSuccess(); return; } sendUsername(conn, email); return; } } /* Forgot password */ if (sameString(helpWith,"password")) { /* validate username first */ if (sameString(username,"")) { freez(&errMsg); errMsg = cloneString("Username cannot be blank."); displayAccHelpPage(conn); return; } else { safef(query,sizeof(query), "select password from gbMembers where userName='%s'", username); char *password = sqlQuickString(conn, query); if (!password) { freez(&errMsg); - errMsg = cloneString("Username not found."); + errMsg = cloneString(incorrectUsername); displayAccHelpPage(conn); return; } } lostPassword(conn, username); return; } displayAccHelpPage(conn); return; } boolean usingNewPassword(struct sqlConnection *conn, char *userName, char *password) /* The user is using requested new password */ { char query[256];