| 2 |
- |
1 |
#!/usr/bin/perl -w
|
|
|
2 |
|
|
|
3 |
use strict;
|
|
|
4 |
use lib "/home/rollerco/perl5/lib/perl5";
|
|
|
5 |
use RollerCon;
|
|
|
6 |
use CGI;
|
|
|
7 |
use CGI::Cookie;
|
|
|
8 |
|
|
|
9 |
#my $cookie_string = authenticate(1) || die;
|
|
|
10 |
#my ($EML, $PWD, $LVL) = split /&/, $cookie_string;
|
|
|
11 |
my $query = new CGI;
|
|
|
12 |
my ($FORM, $userref, $buttonValue, $RCid);
|
|
|
13 |
my ($USRMSG, $USRMSGERR, $RO, $RCid_input) = ("", "", "", "");
|
|
|
14 |
|
|
|
15 |
if ($ENV{'QUERY_STRING'}) {
|
|
|
16 |
$FORM->{email} = $query->param('email');
|
|
|
17 |
$FORM->{action} = $query->param('action');
|
|
|
18 |
|
|
|
19 |
if ($FORM->{action} eq "Cancel") {
|
|
|
20 |
$FORM->{email} = "";
|
|
|
21 |
$FORM->{action} = "";
|
|
|
22 |
$buttonValue = "Lookup";
|
|
|
23 |
} elsif ($FORM->{action} eq "Lookup") {
|
|
|
24 |
if ($userref = getUser($FORM->{email})) {
|
|
|
25 |
$USRMSG = "User info found. Click Reset to reset your password, or Cancel to go back";
|
|
|
26 |
$buttonValue = "Reset";
|
|
|
27 |
$RO = "readonly";
|
|
|
28 |
$RCid_input = "<input type=hidden name=RCid value=$userref->{RCid}>";
|
|
|
29 |
} else {
|
|
|
30 |
$USRMSGERR = "No user found with that email address.";
|
|
|
31 |
$buttonValue = "Lookup";
|
|
|
32 |
}
|
|
|
33 |
} elsif ($FORM->{action} eq "Reset") {
|
|
|
34 |
if ($userref = getUser($FORM->{email})) {
|
|
|
35 |
if ($userref->{RCid} eq $query->param('RCid')) {
|
|
|
36 |
&resetPass($FORM->{email});
|
|
|
37 |
logit($userref->{RCid}, "Automated Password Reset");
|
|
|
38 |
exit;
|
|
|
39 |
} else {
|
|
|
40 |
$USRMSGERR = "There appear to be shenanigans afoot. Please don't.";
|
|
|
41 |
$buttonValue = "Lookup";
|
|
|
42 |
}
|
|
|
43 |
} else {
|
|
|
44 |
$USRMSGERR = "There appears to be tomfoolery afoot. Please don't.";
|
|
|
45 |
$buttonValue = "Lookup";
|
|
|
46 |
}
|
|
|
47 |
}
|
|
|
48 |
|
|
|
49 |
} else {
|
|
|
50 |
$FORM->{email} = "";
|
|
|
51 |
$FORM->{action} = "";
|
|
|
52 |
$buttonValue = "Lookup";
|
|
|
53 |
}
|
|
|
54 |
|
|
|
55 |
|
|
|
56 |
print CGI::header();
|
|
|
57 |
|
|
|
58 |
#foreach (sort keys %ENV) {
|
|
|
59 |
# print "$_: $ENV{$_}\n<br>";
|
|
|
60 |
#}
|
|
|
61 |
|
|
|
62 |
printRCHeader("Password Reset");
|
|
|
63 |
print<<page1;
|
|
|
64 |
|
|
|
65 |
<FORM method=GET action=password_reset.pl> $RCid_input
|
|
|
66 |
<TR><TD colspan=2> </TD></TR>
|
|
|
67 |
<TR><TD colspan=2 align=center>$USRMSG <FONT color=red><b>$USRMSGERR</b></font></TD></TR>
|
|
|
68 |
<TR>
|
|
|
69 |
<TD valign=top align=right><b>Email Address: </b></td>
|
|
|
70 |
<TD valign=top><input type=text name=email value=$FORM->{email} $RO></TD>
|
|
|
71 |
</TR>
|
|
|
72 |
<TR><TD colspan=2> </TD></TR>
|
|
|
73 |
<TR><TD colspan=2 align=center><input type=submit name=action value=$buttonValue><input type=button name=action value=Cancel onClick="location.href='/schedule/'"></TD></TR>
|
|
|
74 |
</FORM>
|
|
|
75 |
</TABLE>
|
|
|
76 |
|
|
|
77 |
page1
|
|
|
78 |
|
|
|
79 |
sub updateDBPass {
|
|
|
80 |
my ($EM, $STR) = @_;
|
|
|
81 |
use DBI;
|
|
|
82 |
my $dsn = "DBI:mysql:database=rollerco_data;host=localhost;port=3306";
|
|
|
83 |
my $dbh = DBI->connect($dsn, 'rollerco_www', 'www-data');
|
|
|
84 |
my $sth = $dbh->prepare("update official set password = password(?) where email=?");
|
|
|
85 |
$sth->execute($STR, $EM);
|
|
|
86 |
}
|
|
|
87 |
|
|
|
88 |
sub resetPass {
|
|
|
89 |
my $email = shift;
|
|
|
90 |
|
|
|
91 |
my @chars = ("A".."Z", "a".."z", "1".."0", "(", ")", "-", "_", "*", "^", "!", "[", "]");
|
|
|
92 |
my $string;
|
|
|
93 |
$string .= $chars[rand @chars] for 1..8;
|
|
|
94 |
|
|
|
95 |
&updateDBPass($email, $string);
|
|
|
96 |
|
|
|
97 |
use RCMailer;
|
|
|
98 |
my $subject = 'RollerCon Officials Schedule Manager - Password Reset';
|
|
|
99 |
my $body = "Greetings,
|
|
|
100 |
|
|
|
101 |
It appears as though you've requested us to reset your password. We've done so, and your new password is '$string'.
|
|
|
102 |
|
|
|
103 |
We'd recommend you log in and change it to your liking at the following link:
|
|
|
104 |
|
|
|
105 |
http://officials.rollercon.com/schedule/manage_user.pl
|
|
|
106 |
|
|
|
107 |
If you didn't make this request, well, you're still the only one who received this email, and this is now your password. You should probably let us know that someone is messing with you.
|
|
|
108 |
|
|
|
109 |
-RollerCon Officiating Management
|
|
|
110 |
";
|
|
|
111 |
|
|
|
112 |
# send the message
|
|
|
113 |
EmailUser($email, $subject, $body);
|
|
|
114 |
|
|
|
115 |
|
|
|
116 |
print CGI::header();
|
|
|
117 |
print<<resetPage;
|
|
|
118 |
|
|
|
119 |
<HTML><HEAD><TITLE>RollerCon Officials Schedule Manager - Password Reset</TITLE></HEAD>
|
|
|
120 |
<body text="#000000" bgcolor="#FFFFFF" link="#0000EE" vlink="#551A8B" alink="#FF0000">
|
|
|
121 |
<TABLE>
|
|
|
122 |
<TR>
|
|
|
123 |
<TD align=right><img SRC="/logo.jpg"></TD>
|
|
|
124 |
<TD align=center valign=middle><b><font size=+3>RollerCon Official<br>Schedule Manager<br>Password Reset</font></b></TD>
|
|
|
125 |
</TR>
|
|
|
126 |
<TR><TD colspan=2> </TD></TR>
|
|
|
127 |
<TR><TD colspan=2 align=center>Your password has been reset and emailed to the address on record.<br>Please check your email (including Spam folders). </TD></TR>
|
|
|
128 |
<TR><TD colspan=2> </TD></TR>
|
|
|
129 |
<TR><TD colspan=2 align=center><a href=/schedule/>[home]</a> </TD></TR>
|
|
|
130 |
</TABLE>
|
|
|
131 |
|
|
|
132 |
resetPage
|
|
|
133 |
}
|