search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bug 16034 - DBRev 16.12.00.010
[koha.git] / members / member-password.pl
blob1008cb60b634bf2d248de162a18e8c920c046e9b
1 #!/usr/bin/perl
2 #script to set the password, and optionally a userid, for a borrower
3 #written 2/5/00
4 #by chris@katipo.co.nz
5 #converted to using templates 3/16/03 by mwhansen@hmc.edu
6
7 use strict;
8 use warnings;
9
10 use C4::Auth;
11 use Koha::AuthUtils;
12 use C4::Output;
13 use C4::Context;
14 use C4::Members;
15 use C4::Circulation;
16 use CGI qw ( -utf8 );
17 use C4::Members::Attributes qw(GetBorrowerAttributes);
18 use Koha::Patron::Images;
19 use Koha::Token;
20
21 use Koha::Patron::Categories;
22
23 use Digest::MD5 qw(md5_base64);
24 use Encode qw( encode );
25
26 my $input = new CGI;
27
28 my $theme = $input->param('theme') || "default";
29
30 # only used if allowthemeoverride is set
31
32 my ( $template, $loggedinuser, $cookie, $staffflags ) = get_template_and_user(
33 {
34 template_name => "members/member-password.tt",
35 query => $input,
36 type => "intranet",
37 authnotrequired => 0,
38 flagsrequired => { borrowers => 1 },
39 debug => 1,
40 }
41 );
42
43 my $flagsrequired;
44 $flagsrequired->{borrowers} = 1;
45
46 my $member = $input->param('member');
47 my $cardnumber = $input->param('cardnumber');
48 my $destination = $input->param('destination');
49 my $newpassword = $input->param('newpassword');
50 my $newpassword2 = $input->param('newpassword2');
51
52 my @errors;
53
54 my ($bor) = GetMember( 'borrowernumber' => $member );
55
56 if ( ( $member ne $loggedinuser ) && ( $bor->{'category_type'} eq 'S' ) ) {
57 push( @errors, 'NOPERMISSION' )
58 unless ( $staffflags->{'superlibrarian'} || $staffflags->{'staffaccess'} );
59
60 # need superlibrarian for koha-conf.xml fakeuser.
61 }
62
63 push( @errors, 'NOMATCH' ) if ( ( $newpassword && $newpassword2 ) && ( $newpassword ne $newpassword2 ) );
64
65 my $minpw = C4::Context->preference('minPasswordLength');
66 push( @errors, 'SHORTPASSWORD' ) if ( $newpassword && $minpw && ( length($newpassword) < $minpw ) );
67
68 if ( $newpassword && !scalar(@errors) ) {
69
70 die "Wrong CSRF token"
71 unless Koha::Token->new->check_csrf({
72 id => Encode::encode( 'UTF-8', C4::Context->userenv->{id} ),
73 secret => md5_base64( Encode::encode( 'UTF-8', C4::Context->config('pass') ) ),
74 token => scalar $input->param('csrf_token'),
75 });
76
77 my $digest = Koha::AuthUtils::hash_password( scalar $input->param('newpassword') );
78 my $uid = $input->param('newuserid') || $bor->{userid};
79 my $dbh = C4::Context->dbh;
80 if ( Koha::Patrons->find( $member )->update_password($uid, $digest) ) {
81 $template->param( newpassword => $newpassword );
82 if ( $destination eq 'circ' ) {
83 print $input->redirect("/cgi-bin/koha/circ/circulation.pl?findborrower=$cardnumber");
84 }
85 else {
86 print $input->redirect("/cgi-bin/koha/members/moremember.pl?borrowernumber=$member");
87 }
88 }
89 else {
90 push( @errors, 'BADUSERID' );
91 }
92 }
93 else {
94 my $userid = $bor->{'userid'};
95
96 my $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
97 my $length = int( rand(2) ) + C4::Context->preference("minPasswordLength");
98 my $defaultnewpassword = '';
99 for ( my $i = 0 ; $i < $length ; $i++ ) {
100 $defaultnewpassword .= substr( $chars, int( rand( length($chars) ) ), 1 );
101 }
102
103 $template->param( defaultnewpassword => $defaultnewpassword );
104 }
105
106 if ( $bor->{'category_type'} eq 'C') {
107 my $patron_categories = Koha::Patron::Categories->search_limited({ category_type => 'A' }, {order_by => ['categorycode']});
108 $template->param( 'CATCODE_MULTI' => 1) if $patron_categories->count > 1;
109 $template->param( 'catcode' => $patron_categories->next ) if $patron_categories->count == 1;
110 }
111
112 $template->param( adultborrower => 1 ) if ( $bor->{'category_type'} eq 'A' );
113
114 my $patron_image = Koha::Patron::Images->find($bor->{borrowernumber});
115 $template->param( picture => 1 ) if $patron_image;
116
117 if ( C4::Context->preference('ExtendedPatronAttributes') ) {
118 my $attributes = GetBorrowerAttributes( $bor->{'borrowernumber'} );
119 $template->param(
120 ExtendedPatronAttributes => 1,
121 extendedattributes => $attributes
122 );
123 }
124
125 $template->param(
126 othernames => $bor->{'othernames'},
127 surname => $bor->{'surname'},
128 firstname => $bor->{'firstname'},
129 borrowernumber => $bor->{'borrowernumber'},
130 cardnumber => $bor->{'cardnumber'},
131 categorycode => $bor->{'categorycode'},
132 category_type => $bor->{'category_type'},
133 categoryname => $bor->{'description'},
134 address => $bor->{address},
135 address2 => $bor->{'address2'},
136 streettype => $bor->{streettype},
137 city => $bor->{'city'},
138 state => $bor->{'state'},
139 zipcode => $bor->{'zipcode'},
140 country => $bor->{'country'},
141 phone => $bor->{'phone'},
142 phonepro => $bor->{'phonepro'},
143 mobile => $bor->{'mobile'},
144 email => $bor->{'email'},
145 emailpro => $bor->{'emailpro'},
146 branchcode => $bor->{'branchcode'},
147 userid => $bor->{'userid'},
148 destination => $destination,
149 is_child => ( $bor->{'category_type'} eq 'C' ),
150 activeBorrowerRelationship => ( C4::Context->preference('borrowerRelationship') ne '' ),
151 minPasswordLength => $minpw,
152 RoutingSerials => C4::Context->preference('RoutingSerials'),
153 csrf_token => Koha::Token->new->generate_csrf({
154 id => Encode::encode( 'UTF-8', C4::Context->userenv->{id} ),
155 secret => md5_base64( Encode::encode( 'UTF-8', C4::Context->config('pass') ) ),
156 }),
157 );
158
159 if ( scalar(@errors) ) {
160 $template->param( errormsg => 1 );
161 foreach my $error (@errors) {
162 $template->param($error) || $template->param( $error => 1 );
163 }
164 }
165
166 output_html_with_http_headers $input, $cookie, $template->output;
Koha ILS