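#!perl
#!/usr/bin/perl
#
# Module functions :
#   user.cgi?mo=registration            - register user
#   user.cgi?mo=change                  - change user details
#   user.cgi?mo=activate&user=username  - activate specified user
#   user.cgi?mo=reminder                - remind password
#
# Used templates :
#   user/register
#   user/register-rules
#   user/saved
#   user/notfound
#   user/edit
#   user/change-instruction
#   user/changes-saved
#   user/error
#   user/error-row
#   email/welcome_act
#   email/welcome
#   user/active
#   user/remind-password
#   user/remind-confirm
#
#---------------------------------------------------

use strict;

# NOTE(review): `use warnings` is not enabled in this script. It is worth
# turning on once it is confirmed that the web server sends STDERR to its
# error log and not into the HTTP response.

# NOTE(review): 'objects' is a relative path, so the modules below are
# resolved against the process's working directory - confirm the server
# always starts this CGI from the intended directory.
use lib 'objects';

use Template;
use CommonLibrary;
use Hrefs;
use CGI::Minimal;
use SQLHandler;
use Settings;
use user;
use Email;
use Authentication;

$| = 1;    # flush output as it is produced

# File-level state shared by every handler in this script.
my $Settings = Settings->new;
my $cgi      = CGI::Minimal->new;
&error( "request truncated", __LINE__ ) if $cgi->truncated;

my $sql  = SQLHandler->init() || &error( "no data connection", __LINE__ );
my $href = Hrefs->init        || &error( "hypertext problem",  __LINE__ );

&show_or_handle_mode( $cgi->param( 'mo' ) );
exit;

#-----------------------------------------------------------------
# show_or_handle_mode( $mo )
#
# Dispatches a request to the handler for mode $mo. The pseudo-mode
# 'redux' re-dispatches to the mode named by the '_mo' request
# parameter (handle_authentication uses it after a successful login).
# Modes are matched exactly against a fixed list; anything else is
# ignored and produces no output.
#
# Only show_change_details and handle_change_details call
# Authentication->verify_user; every other mode listed here runs for
# unauthenticated requests.
#
# Returns whatever the selected handler returns.
#-----------------------------------------------------------------
sub show_or_handle_mode {
    my ($mo) = @_;
    $mo = '' unless defined $mo;

    if ( $mo eq 'redux' ) {
        $mo = $cgi->param('_mo');
        $mo = '' unless defined $mo;

        # '_mo' comes straight from the request. Letting it name
        # 'account-auth' would send handle_authentication back here for
        # the same request, recursing for as long as authenticate_user
        # keeps succeeding, so that value is refused. 'redux' never
        # matched a handler; it is rejected here only to make that
        # explicit.
        return if $mo eq 'redux' or $mo eq 'account-auth';
    }

    # Built inside the sub on purpose: file-level code placed after the
    # `exit` above would never run, so a file-scoped table would be empty.
    my %handler_for = (
        'registration'        => \&show_register_page,
        'handle-registration' => \&handle_registration,
        'change'              => \&show_change_details,
        'handle-change'       => \&handle_change_details,
        'activate'            => \&activate_account,
        'reminder'            => \&remind_password,
        'handlereminder'      => \&handle_reminder,
        'account-auth'        => \&handle_authentication,
    );

    my $handler = $handler_for{$mo} or return;

    # The handlers used to be invoked as `&name;`, which shares this
    # sub's @_ with them (and with the `&build_common_header` calls they
    # make in the same form). Passing @_ explicitly keeps what they
    # receive unchanged.
    return $handler->(@_);
}

#-----------------------------------------------------------------
# handle_authentication()
#
# Runs the login step. When Authentication->authenticate_user accepts
# the request, control goes back to the dispatcher with 'redux' so the
# mode named in '_mo' is served; otherwise the login form is shown
# again.
#-----------------------------------------------------------------
sub handle_authentication {
    if ( Authentication->authenticate_user( $sql, $cgi, $href ) ) {
        return &show_or_handle_mode('redux');
    }

    &show_authentication_form( $cgi, $href, 'user' );
    return;
}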
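#-----------------------------------------------------------------
# show_register_page()
#
# Prints the registration form between the common header and footer.
#
# The token bodies below are empty in this copy of the file; the form
# markup they presumably carried is not visible here.
#-----------------------------------------------------------------
sub show_register_page {

    #------ build common header
    &print_response(&build_common_header);

    my $tmpl = Template->init('user/register');
    &error( $tmpl->errstr, __LINE__ ) if $tmpl->errstr;

    $tmpl->set_type('raw');
    $tmpl->set_token(1,  qq||);
    $tmpl->set_token(2,  qq||);
    $tmpl->set_token(3,  qq||);
    $tmpl->set_token(4,  qq||);
    $tmpl->set_token(5,  qq||);
    $tmpl->set_token(6,  qq||);
    $tmpl->set_token(7,  qq||);
    $tmpl->set_token(8,  qq||);
    $tmpl->set_token(9,  qq||);
    $tmpl->set_token(10, qq||);
    $tmpl->set_token(11, qq||);
    $tmpl->set_token(12, qq||);
    $tmpl->set_token(13, qq||);
    $tmpl->set_token(14, qq||);
    $tmpl->set_token(15, qq||);
    $tmpl->set_token(16, qq||);
    $tmpl->set_token(17, qq||);

    my $rules_tmpl = Template->init('user/register-rules');

    # Check the rules template itself; the earlier code re-checked $tmpl
    # here, so a failure to load 'user/register-rules' went unnoticed.
    &error( $rules_tmpl->errstr, __LINE__ ) if $rules_tmpl->errstr;
    $tmpl->set_token(18, $rules_tmpl->merge );

    my $url = $href->user;    # not referenced by the (empty) token below
    $tmpl->set_token(19, qq|
|);

    &print_response($tmpl->merge);

    #common footer
    &print_response(&build_footer);
}

#-----------------------------------------------------------------
# handle_registration()
#
# Builds a user record from the submitted form, validates it with
# check_user, and either prints the validation errors or saves the
# record, prints 'user/saved' and sends the welcome e-mail.
#
# NOTE(review): the password is stored as submitted, and
# send_welcome_email / handle_reminder later mail $user->password back
# out, so it is kept in recoverable form. Storing a salted password
# hash and replacing the reminder with a reset link would need changes
# to the user/SQLHandler classes, which are outside this file.
#-----------------------------------------------------------------
sub handle_registration {
    my %errors;

    #------ build common header
    &print_response(&build_common_header);

    my $user = user->init();

    # scalar(): param() is context-sensitive, and in an argument list a
    # repeated request parameter could otherwise hand set_value extra
    # positional arguments.
    $user->set_value( 'id',       scalar $cgi->param('username') );
    $user->set_value( 'password', scalar $cgi->param('password') );
    _copy_profile_fields($user);
    $user->set_value( 'countryid', '0' );

    # With activation switched off the account is usable immediately.
    $user->set_value( 'active', 'Y' ) if $Settings->user_activation ne 'yes';

    # Read the clock once so day, month and year belong to the same instant.
    my ( $day, $month, $year ) = ( localtime(time) )[ 3, 4, 5 ];
    my $sqldate = sprintf( '%04d-%02d-%02d', $year + 1900, $month + 1, $day );
    $user->set_value( 'joindate', $sqldate );

    if ( $cgi->param('password') ne $cgi->param('password-2') ) {
        $errors{'password2'} = 'Password not match';
    }

    &check_user( $user, \%errors );

    if ( scalar( keys %errors ) > 0 ) {
        &print_errors( \%errors );
    }
    else {
        $sql->save_user_info($user);
        &error( $sql->errstr, __LINE__ ) if $sql->errstr;

        my $tmpl = Template->init('user/saved');
        &error( $tmpl->errstr, __LINE__ ) if $tmpl->errstr;
        &print_response( $tmpl->merge );

        &send_welcome_email($user);
    }

    #common footer
    &print_response(&build_footer);
    return;
}

#-----------------------------------------------------------------
# check_user( $user, \%err, $option )
#
# Validates a user object and records one message per failed rule in
# %err. Unless $option is 'edit', the username must not already exist
# in the database. The username must be non-empty; password,
# firstname, lastname and address must each be at least 5 characters.
#
# The lastname rule used to write under the 'firstname' key with a
# password message, so it overwrote the firstname error and showed the
# wrong text; it now has its own key and message.
#
# NOTE(review): only length is checked - the e-mail address and the
# character set of the username are not validated here.
#-----------------------------------------------------------------
sub check_user {
    my ( $user, $err, $option ) = @_;
    $option = '' unless defined $option;

    if ( $option ne 'edit' ) {
        my $userrec = $sql->user_info( $user->id );
        if ( $$userrec[0] ne '' ) {
            $$err{'username'} = 'Username already exist';
        }
    }

    if ( $user->id eq '' ) {
        $$err{'usename2'} = 'Username must be valid';
    }

    my @min_length_rules = (
        [ 'password',  'Password must be at least 5 characters' ],
        [ 'firstname', 'Firstname must be at least 5 characters' ],
        [ 'lastname',  'Lastname must be at least 5 characters' ],
        [ 'address',   'Street address must be at least 5 characters' ],
    );

    for my $rule (@min_length_rules) {
        my ( $field, $message ) = @{$rule};
        my $value = $user->$field;
        $value = '' unless defined $value;
        $$err{$field} = $message if length($value) < 5;
    }

    return;
}

#-----------------------------------------------------------------
# show_change_details()
#
# Shows the profile edit form for the logged-in user. The username
# comes from Authentication->verify_user, never from a request
# parameter; unauthenticated requests get the login form.
#
# The token bodies below are empty in this copy of the file, so the
# per-field variables are not referenced. NOTE(review): the template
# is switched to 'raw', so if these stored, user-supplied values are
# interpolated into the form markup they need HTML-escaping first.
#-----------------------------------------------------------------
sub show_change_details {
    my $username = Authentication->verify_user($sql);
    if ( $username eq '' ) {
        &show_authentication_form( $cgi, $href, 'user' );
        return;
    }

    my $user = user->init( $sql->user_info($username) );
    &error( $sql->errstr, __LINE__ ) if $sql->errstr;

    if ( $user->id eq '' ) {

        # This branch used to stop after the notfound template; the
        # shared helper also prints the footer, as the other handlers do.
        _show_user_not_found(@_);
        return;
    }

    #------ build common header
    &print_response(&build_common_header);

    my $tmpl = Template->init('user/edit');
    &error( $tmpl->errstr, __LINE__ ) if $tmpl->errstr;
    $tmpl->set_type('raw');

    my $url = $href->user;
    $tmpl->set_token(1, qq||);

    my $firstname = $user->firstname;
    $tmpl->set_token(6, qq||);

    my $lastname = $user->lastname;
    $tmpl->set_token(7, qq||);

    my $email = $user->email;
    $tmpl->set_token(8, qq||);

    my $phone = $user->phone;
    $tmpl->set_token(9, qq||);

    my $phone2 = $user->phone2;
    $tmpl->set_token(10, qq||);

    my $fax = $user->fax;
    $tmpl->set_token(11, qq||);

    my $address = $user->address;
    $tmpl->set_token(12, qq||);

    my $city = $user->city;
    $tmpl->set_token(13, qq||);

    my $province = $user->province;
    $tmpl->set_token(14, qq||);

    my $zip = $user->zip;
    $tmpl->set_token(15, qq||);

    my $country = $user->country;
    $tmpl->set_token(16, qq||);

    my $emailadmin = $user->emailadmin;
    $tmpl->set_token(17, qq||);

    my $emailcommon = $user->emailcommon;
    $tmpl->set_token(18, qq||);

    my $emailreclam = $user->emailreclam;
    $tmpl->set_token(19, qq||);

    my $instruction_tmpl = Template->init('user/change-instruction');

    # Check the instruction template itself (the earlier code re-checked $tmpl).
    &error( $instruction_tmpl->errstr, __LINE__ ) if $instruction_tmpl->errstr;
    $tmpl->set_token(20, $instruction_tmpl->merge );

    $tmpl->set_token(21, qq| |);

    &print_response($tmpl->merge);

    #common footer
    &print_response(&build_footer);
}

#-----------------------------------------------------------------
# handle_change_details()
#
# Applies a submitted profile change for the logged-in user. When the
# 'chpassword' parameter is set only the password is changed (both
# password fields must match); otherwise the profile fields are
# copied from the request. The record is validated with check_user in
# 'edit' mode before it is saved.
#-----------------------------------------------------------------
sub handle_change_details {
    my $username = Authentication->verify_user($sql);
    if ( $username eq '' ) {
        &show_authentication_form( $cgi, $href, 'user' );
        return;
    }

    my $user = user->init( $sql->user_info($username) );
    &error( $sql->errstr, __LINE__ ) if $sql->errstr;

    if ( $user->id eq '' ) {
        _show_user_not_found(@_);
        return;
    }

    my %errors;

    if ( $cgi->param('chpassword') ) {
        if ( $cgi->param('password') ne $cgi->param('password-2') ) {
            $errors{'password2'} = 'Password not match';
        }
        else {
            $user->set_value( 'password', scalar $cgi->param('password') );
        }
    }
    else {
        _copy_profile_fields($user);
    }

    &check_user( $user, \%errors, 'edit' );

    &print_response(&build_common_header);

    if ( scalar( keys %errors ) > 0 ) {
        &print_errors( \%errors );
    }
    else {
        $sql->save_user_info($user);
        &error( $sql->errstr, __LINE__ ) if $sql->errstr;

        # --- print save message
        my $tmpl = Template->init('user/changes-saved');
        &error( $tmpl->errstr, __LINE__ ) if $tmpl->errstr;
        &print_response( $tmpl->merge );
    }

    &print_response(&build_footer);
}

#-----------------------------------------------------------------
# print_errors( \%errors )
#
# Renders one 'user/error-row' per message in %errors and prints them
# wrapped in the 'user/error' template.
#-----------------------------------------------------------------
sub print_errors {
    my ($errors) = @_;

    my $tmpl = Template->init('user/error');
    &error( $tmpl->errstr, __LINE__ ) if $tmpl->errstr;

    my $rowtmpl = Template->init('user/error-row');

    # Check the row template itself (the earlier code re-checked $tmpl).
    &error( $rowtmpl->errstr, __LINE__ ) if $rowtmpl->errstr;

    my $html = '';
    foreach my $key ( keys %{$errors} ) {
        $rowtmpl->set_token( 1, $$errors{$key} );
        $html .= $rowtmpl->merge;
    }

    $tmpl->set_token( 1, $html, 'raw' );
    &print_response( $tmpl->merge );
}

#-----------------------------------------------------------------
# send_welcome_email( $user )
#
# Mails the welcome message: 'email/welcome_act' (with the activation
# link) when activation is enabled in Settings, 'email/welcome'
# otherwise. Only the template that is actually used is loaded.
#
# NOTE(review): token 3 puts the account password into the e-mail in
# clear text.
#-----------------------------------------------------------------
sub send_welcome_email {
    my ($user) = @_;

    my $tmpl_name = 'email/welcome_act';
    $tmpl_name = 'email/welcome' if $Settings->user_activation ne 'yes';

    my $tmpl = Template->init($tmpl_name);
    &error( $tmpl->errstr, __LINE__ ) if $tmpl->errstr;

    $tmpl->set_token( 1, $user->id );
    $tmpl->set_token( 2, $href->user_activation( $user->id ) );
    $tmpl->set_token( 3, $user->password );

    my $email = _new_user_email( $user, 'AWT registration', 'email-welcome' );
    $email->add_body( $tmpl->merge );
    $email->send;
}

#-----------------------------------------------------------------
# activate_account()
#
# Marks the account named by the 'user' request parameter as active
# and prints the confirmation page.
#
# NOTE(review): the username is the only input checked here - no
# activation token or expiry is verified - so any request that names
# an existing username activates that account. Binding activation to
# a random, single-use token stored with the user record would close
# this; it needs support in Hrefs->user_activation and the user
# schema, which are not visible in this file.
#-----------------------------------------------------------------
sub activate_account {
    my $username = $cgi->param('user');

    my $user = user->init( $sql->user_info($username) );
    &error( $sql->errstr, __LINE__ ) if $sql->errstr;

    if ( $user->id eq '' ) {
        _show_user_not_found(@_);
        return;
    }

    $user->set_value( 'active', 'Y' );
    $sql->save_user_info($user);
    &error( $sql->errstr, __LINE__ ) if $sql->errstr;

    #------ build common header
    &print_response(&build_common_header);

    my $tmpl = Template->init('user/active');
    &error( $tmpl->errstr, __LINE__ ) if $tmpl->errstr;
    $tmpl->set_token( 1, $user->id );
    $tmpl->set_token( 2, $href->login( $user->id ) );
    &print_response( $tmpl->merge );

    #common footer
    &print_response(&build_footer);
    return;
}

#-----------------------------------------------------------------
# remind_password()
#
# Prints the password reminder form.
#-----------------------------------------------------------------
sub remind_password {

    #------ build common header
    &print_response(&build_common_header);

    my $tmpl = Template->init('user/remind-password');
    &error( $tmpl->errstr, __LINE__ ) if $tmpl->errstr;

    my $action_href = $href->user;    # not referenced by the (empty) token below
    $tmpl->set_token(1, qq|| ,'raw');
    &print_response($tmpl->merge);

    #common footer
    &print_response(&build_footer);
    return;
}

#-----------------------------------------------------------------
# handle_reminder()
#
# Mails the stored password of the account named by the 'user'
# request parameter to that account's e-mail address, then prints the
# confirmation page.
#
# NOTE(review): this handler needs no authentication. It answers with
# 'user/notfound' for unknown names and 'user/remind-confirm' for
# known ones, so the response reveals which usernames exist; no rate
# limit is visible here either. It also mails the current password in
# clear text (see the note on handle_registration).
#-----------------------------------------------------------------
sub handle_reminder {
    my $username = $cgi->param('user');

    my $user = user->init( $sql->user_info($username) );
    &error( $sql->errstr, __LINE__ ) if $sql->errstr;

    if ( $user->id eq '' ) {
        _show_user_not_found(@_);
        return;
    }

    my $mail_tmpl = Template->init('email/remind-password');
    &error( $mail_tmpl->errstr, __LINE__ ) if $mail_tmpl->errstr;

    # The requester's address was read from the misspelled key
    # 'REMOVE_ADDR', which is never set, so it was always blank.
    my $remote_host = defined $ENV{'REMOTE_HOST'} ? $ENV{'REMOTE_HOST'} : '';
    my $remote_addr = defined $ENV{'REMOTE_ADDR'} ? $ENV{'REMOTE_ADDR'} : '';

    $mail_tmpl->set_token( 1, $user->id );
    $mail_tmpl->set_token( 2, $user->password );
    $mail_tmpl->set_token( 3, $remote_host . ' : ' . $remote_addr );

    my $email = _new_user_email( $user, 'AWT password reminder',
        'email-remind-password' );
    $email->add_body( $mail_tmpl->merge );
    $email->send;

    #------ build common header
    &print_response(&build_common_header);

    # Separate name: the earlier code declared `my $tmpl` twice in this scope.
    my $page_tmpl = Template->init('user/remind-confirm');
    &error( $page_tmpl->errstr, __LINE__ ) if $page_tmpl->errstr;
    &print_response( $page_tmpl->merge );

    #common footer
    &print_response(&build_footer);
}

#-----------------------------------------------------------------
# Private helpers
#-----------------------------------------------------------------

# Copies the editable profile fields from the request into $user.
# scalar() keeps each value a single argument even when the request
# repeats a parameter.
sub _copy_profile_fields {
    my ($user) = @_;

    for my $field (
        qw(firstname lastname email phone phone2 fax address city
        province zip country emailadmin emailcommon emailreclam wherehear)
      )
    {
        $user->set_value( $field, scalar $cgi->param($field) );
    }
    return;
}

# Prints the 'user/notfound' page between the common header and footer.
# Callers pass their own @_ through so the `&build_common_header` /
# `&build_footer` calls see the same implicit arguments as when this
# code was inline.
sub _show_user_not_found {

    #------ build common header
    &print_response(&build_common_header);

    my $tmpl = Template->init('user/notfound');
    &error( $tmpl->errstr, __LINE__ ) if $tmpl->errstr;
    &print_response( $tmpl->merge );

    #common footer
    &print_response(&build_footer);
    return;
}

# Returns $value with CR/LF runs collapsed to one space, so a
# user-supplied name or address cannot start a new line inside a mail
# header. undef becomes ''.
sub _header_safe {
    my ($value) = @_;
    $value = '' unless defined $value;
    $value =~ s/[\r\n]+/ /g;
    return $value;
}

# Builds the Email object shared by the welcome and reminder mails:
# To/From/Subject, the requester's host and address for the audit
# trail, and an X-template tag.
#
# The X-REMOTE-ADDR header used to be guarded by the misspelled key
# 'REMOVE_ADDR' and was therefore never set.
#
# NOTE(review): the To header is built from registration data; line
# breaks are stripped here, but the address format itself is not
# validated in this file - confirm what the Email class does with it.
sub _new_user_email {
    my ( $user, $subject, $template_tag ) = @_;

    my $fullname  = _header_safe( $user->firstname . ' ' . $user->lastname );
    my $useremail = _header_safe( $user->email );

    my $email = Email->new;
    $email->set_header( 'To',   qq|$fullname <$useremail>| );
    $email->set_header( 'From', $Settings->admin_email );
    $email->set_subject($subject);
    $email->set_header( 'X-REMOTE-HOST', _header_safe( $ENV{'REMOTE_HOST'} ) )
      if $ENV{'REMOTE_HOST'};
    $email->set_header( 'X-REMOTE-ADDR', _header_safe( $ENV{'REMOTE_ADDR'} ) )
      if $ENV{'REMOTE_ADDR'};
    $email->set_header( 'X-template', $template_tag );

    return $email;
}

#-----------------------------------------------------------------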