Rooba
/
boinc
mirror of https://github.com/BOINC/boinc.git
1
0
Fork 0
Code Issues 1 Packages Projects Releases Wiki Activity

- user web: clean up logic for dealing with forgotten password: 

- login form now has ONLY email/passwd
        ("login with account key" is gone)
    - "forgot password?" takes you to a page with two options:
        1) type in email address, get an email with login link
        2) instructions for recovering account key from BOINC account file
    - email is stripped-down, has login link and not much else

    fixes #190

svn path=/trunk/boinc/; revision=14263
This commit is contained in:
David Anderson 2007-11-20 00:23:02 +00:00
parent 36ec89fd5d
commit 79343260dd
7 changed files with 105 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
checkin_notes
View File

@ -11361,3 +11361,24 @@ David 19 Nov 2007
html/user/
forum_user_posts.php
David 19 Nov 2007
- user web: clean up logic for dealing with forgotten password:
- login form now has ONLY email/passwd
("login with account key" is gone)
- "forgot password?" takes you to a page with two options:
1) type in email address, get an email with login link
2) instructions for recovering account key from BOINC account file
- email is stripped-down, has login link and not much else
fixes #190
html/
inc/
email.inc
util.inc
user/
get_passwd.php
login_action.php
mail_passwd.php
white.css

40
html/inc/email.inc
View File

@ -65,56 +65,32 @@ function send_auth_email($user, $is_new) {
$body = "";
if ($is_new) {
$subject = PROJECT." account confirmation for $user->name";
$subject = PROJECT." account confirmation";
$body = "Welcome to ".PROJECT.".
This email confirms your account with ".PROJECT.":
Project URL: $master_url
User name: $user->name
E-mail: $user->email_addr
Account Key: $user->authenticator
(use this to log in if you forget your password)
";
} else {
$subject = PROJECT." information for $user->name";
$body = "Your ".PROJECT." account information is:
$subject = PROJECT." account information";
$body = "This email was sent in reponse to a request on the ".PROJECT." web site.
Project URL: $master_url
User name: $user->name
E-mail: $user->email_addr
Account Key: $user->authenticator
(use this to log in if you forget your password)
To log in to your ".PROJECT." account, visit:
".$master_url."login_action.php?key=$user->authenticator
After logging in, you can change your account's password or email address.
";
}
$body .= "
For further information and assistance with ".PROJECT." go to
For further information and assistance with ".PROJECT.", visit
$master_url
";
return send_email($user, $subject, $body);
}
// Function simply outputs some text letting the user know
// their authenticator was emailed to them.
//
function email_sent_message($email_addr) {
if (defined('EMAIL_FROM')) {
$email_from = EMAIL_FROM;
} else {
$email_from = URL_BASE;
}
echo "
Your Account Key has been emailed to $email_addr.
<p>
If the email doesn't arrive in a few minutes,
your ISP may be blocking it as spam.
In this case please contact your ISP and
ask them to not block email from $email_from.
";
}
// a valid email address is of the form A@B.C
// where A, B, C are nonempty,
// A and B don't contain @ or .,

15
html/inc/util.inc
View File

@ -368,25 +368,14 @@ function print_login_form_aux($next_url, $user) {
<input type=hidden name=next_url value='$next_url'>
";
start_table();
row1("Log in with email/password");
row2("Email address:", '<input name="email_addr" size="40" tabindex="1">');
row2("Password:<br><font size=-2><a href=edit_passwd_form.php>Forgot password?</a>",
row2("Password:<br><font size=-2><a href=get_passwd.php>Forgot password?</a>",
'<input type="password" name="passwd" size="40" tabindex="2">'
);
row2("", '<input type="submit" name="mode" value="Log in with email/password" tabindex="3">');
row1("Log in with account key");
row2("Your account key:
<br><font size=-2>
If you don't know your account key,
<a href=get_passwd.php>click here</a>.
</font>",
"<input name=authenticator size=40>"
);
row2("", "<input type=submit name=mode value='Log in with account key'>");
row1("Stay logged in");
row2("Stay logged in on this computer",
"<input type=checkbox name=send_cookie checked>"
);
row2("", '<input type="submit" name="mode" value="Log in" tabindex="3">');
if ($user) {
row1("Log out");
row2("You are logged in as $user->name",

57
html/user/get_passwd.php
View File

@ -4,16 +4,63 @@ require_once("../inc/db.inc");
require_once("../inc/util.inc");
require_once("../inc/user.inc");
page_head("Get account key");
page_head("Forgot your password?");
echo "
<h3>Get email instructions for setting your password</h3>
";
echo "<form method=post action=mail_passwd.php>\n";
start_table();
echo "<form method=post action=mail_passwd.php>\n";
row2("Email address","<input size=40 name=email_addr>");
row2("", "<input type=submit value=OK>");
echo "</table></form>
Your account key will be emailed to you.
You should receive it in a few minutes.<p>
echo "</form>";
end_table();
echo "
<p>
<h3>If your account's email address is no longer valid</h3>
If you have run BOINC under the account,
you can access the account
even if you don't know the password and the email
address is no longer valid. Here's how:
<ul>
<li> Go to the BOINC directory on your computer
(on Windows this is usually <b>C:\\Program Files\BOINC</b>.
<li> Find your account file for this project;
this will have a name like <b>account_lhcathome.cern.ch.xml</b>
(where the project URL is <b>http://lhcathome.cern.ch</b>).
<li> Open the file in a text editor like Notepad.
You'll see something like
<pre>
&lt;account>
&lt;master_url>http://lhcathome.cern.ch/&lt;/master_url>
&lt;authenticator>8b8496fdd26df7dc0423ecd43c09a56b&lt;/authenticator>
&lt;project_name>lhcathome&lt;/project_name>
...
&lt;/account>
</pre>
<li> Select and Copy the string between &lt;authenticator>
and &lt;/authenticator>
(<b>8b8496fdd26df7dc0423ecd43c09a56b</b> in the above example).
<li> Paste the string into the field below, and click OK.
<li> You will now be logged in to your account;
update the email and password of your account.
</ul>
";
start_table();
echo "<form action=login_action.php method=post>\n";
row2("Log in with authenticator", "<input name=authenticator size=40>");
row2("", "<input type=submit value=OK>");
echo "</form>";
end_table();
page_tail();

5
html/user/login_action.php
View File

@ -6,13 +6,12 @@ require_once("../inc/user.inc");
init_session();
$mode = post_str("mode", true);
// First check for email/password case
//
$email_addr = strtolower(process_user_text(post_str("email_addr", true)));
$passwd = stripslashes(post_str("passwd", true));
if ($mode == "Log in with email/password") {
if ($email_addr && $passwd) {
$user = lookup_user_email_addr($email_addr);
if (!$user) {
error_page("No account found with email address $email_addr");

23
html/user/mail_passwd.php
View File

@ -1,10 +1,27 @@
<?php
require_once("../inc/db.inc");
require_once("../inc/boinc_db.inc");
require_once("../inc/util.inc");
require_once("../inc/email.inc");
require_once("../project/project.inc");
db_init();
function email_sent_message($email_addr) {
if (defined('EMAIL_FROM')) {
$email_from = EMAIL_FROM;
} else {
$email_from = URL_BASE;
}
page_head("Email sent");
echo "
Instructions have been emailed to $email_addr.
<p>
If the email doesn't arrive in a few minutes,
your ISP may be blocking it as spam.
In this case please contact your ISP and
ask them to not block email from $email_from.
";
}
$email_addr = process_user_text(strtolower($_POST["email_addr"]));
if (!strlen($email_addr)) {
@ -23,11 +40,11 @@ if (!$user) {
echo "This account has been administratively disabled.";
} else {
$user->email_addr = $email_addr;
page_head("Mailed account key");
$retval = send_auth_email($user, false);
if ($retval) {
email_sent_message($email_addr);
} else {
page_head("Email failed");
echo "Can't send email to $user->email_addr: $retval";
}
}

1
html/user/white.css
View File

@ -131,7 +131,6 @@ h1, h2 {
h3, h4 {
color: black;
font-size: small;
font-weight: bold;
}