#!/usr/bin/perl
#
# $Id: regsas.pl,v 1.21 2006/11/28 21:07:48 psims Exp $
#
# Source File: regsas.pl
# Set variables local to this code file.
# HBI Shorten validation key to less characters.
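%Long_Val_Client = () ;
# Initial value, no clients use the long validation string.
# This is a global that could be modified in sitecfg.pl
my $Short_Val_off = 1 ; # Start with the second digit of the computed value.
my $Short_Val_len = 3 ; # Use three characters.
# NOTE(review): a three-character key is a very small space to guess from.
# Nothing in this file limits the number of validation attempts; confirm that
# a limit exists elsewhere before relying on the short key.

# Get config
require 'sitecfg.pl';
require 'testlib.pl';

&app_initialize;

&setbrowsertype();

#
# Request dispatch.
#   newsas set      : self-registration ("dbop=save" creates the candidate).
#   otherwise       : needs a valid session (tid); dbop selects logout, save
#                     (profile update), resend, or the default validation /
#                     landing page.
#
if ($FORM{'newsas'} ne "") {
    # The client id and language are taken straight from the request.
    # adduidreq() later builds the data file name "cnd.$clid" from this value.
    # NOTE(review): confirm get_client_configuration() rejects unknown ids.
    $SESSION{'clid'} = $FORM{'clid'};
    $SESSION{'lang'} = $FORM{'lang'};
    &get_client_configuration();
    &LanguageSupportInit();
    if ($FORM{'dbop'} eq 'save') {
        &get_client_profile($SESSION{'clid'});
        if (&adduidreq($SESSION{'clid'},$FORM{'uidreq'},$FORM{'pwdreq'})) {
            $FORM{'uid'}=$FORM{'uidreq'};
            $CANDIDATE{'uid'}=$FORM{'uidreq'};
            $FORM{'clid'}=$SESSION{'clid'};
            # NOTE(review): $opts here is the package variable, because the
            # lexical "my $opts" is only declared a few lines further down.
            # Confirm whether the availability-window option was meant to
            # apply to this call as well.
            &get_candidate_profile($SESSION{'clid'}, $FORM{'uid'}, $opts);
            &send_the_mail("$CLIENT{'clid'}.emlsend", "testmanager.com Personal Validation Key", $FORM{'eml'}) unless $CLIENT{'emlval'} ne "Y";
            $FORM{'uac'}='sas';
            &init_session;
            &LanguageSupportInit();
            my $opts = { restrict_to_availability_window => 1 };
            &get_candidate_profile($SESSION{'clid'}, $SESSION{'uid'}, $opts);
            &log_entry($SESSION{'clid'}, $SESSION{'uid'}, "1");
            $FORM{'notice'} = $SYSTEM{'message'};
            $CANDIDATE{'badid'}="";
        } else {
            &get_candidate_profile($SESSION{'clid'}, $FORM{'uid'});
            if ($FORM{'allowin'} ne "Y") {
                $CANDIDATE{'firstlogin'}="";
                $CANDIDATE{'new'}="Y";
                $errmess = $xlatphrase[758];
                $CANDIDATE{'badid'}="$xlatphrase[758]";
            }
        }

        #$CANDIDATE{'sal'}="";
        #$CANDIDATE{'nmf'}=$FORM{'nmf'};
        #$CANDIDATE{'nmm'}=$FORM{'nmm'};
        #$CANDIDATE{'nml'}=$FORM{'nml'};
        #$CANDIDATE{'adr'}=$FORM{'adr'};
        #$CANDIDATE{'cty'}=$FORM{'cty'};
        #$CANDIDATE{'ste'}=$FORM{'ste'};
        #$CANDIDATE{'pst'}=$FORM{'pst'};
        #$CANDIDATE{'ctry'}=$FORM{'ctry'};
        #$CANDIDATE{'eml'}=$FORM{'eml'};
        #$CANDIDATE{'cnd1'}=$FORM{'cnd1'};
        #$CANDIDATE{'cnd2'}=$FORM{'cnd2'};
        #$CANDIDATE{'cnd3'}=$FORM{'cnd3'};
        #$CANDIDATE{'cnd4'}=$FORM{'cnd4'};
        #$CANDIDATE{'uid'}=$FORM{'uid'};
        if ($CANDIDATE{'badid'} eq "$xlatphrase[758]") {
            if ($errmess2 ne '') { #This is the fast way to patch error messages
                $FORM{'badid'} = $errmess2;
            } else {
                $FORM{'badid'} = $errmess unless $errmess eq '';
            }
            print "Content-Type: text/html\n\n";
            &show_template("regsas");
        } else {
            $vars{'home'} = "client";
            $vars{'lang'} = "$FORM{'lang'}";
            $vars{'uid'} = "$CANDIDATE{'uid'}";
            # NOTE(review): the stored password is handed to redirect(). If
            # redirect() carries %vars in a URL, the password ends up in
            # browser history and server logs; confirm how it is transported.
            $vars{'pwd'} = "$CANDIDATE{'pwd'}";
            $vars{'clid'} = "$SESSION{'clid'}";
            $vars{'cnd'} = "Login";
            $vars{'newsas'} = "";
            $vars{'dbop'} = "$FORM{'dbop'}";

            &redirect("login", \%vars);
        }
    }
} else {
    if (&get_session($FORM{'tid'})) {
        &LanguageSupportInit();
        if ($FORM{'lang'} eq "") { $FORM{'lang'} = $SESSION{'lang'}; }
        if ($FORM{'dbop'} eq 'logout') {
            $indextemplate = ($SESSION{'clid'} eq 'std') ? "shome" : "cindex";
            if ($SESSION{'clid'} ne 'std') {&get_client_profile($SESSION{'clid'});}
            print "Content-Type: text/html\n\n";
            &show_template("$indextemplate");
        } elsif ($FORM{'dbop'} eq 'save') {
            &get_client_profile($SESSION{'clid'});
            &get_candidate_profile( $SESSION{'clid'}, $SESSION{'uid'});
            # Merge the stored profile into %FORM field by field. All of the
            # checks below sit inside this loop, so they run once per field.
            # NOTE(review): unless savechange is "N", a submitted value for
            # any candidate field is kept. put_candidate_profile() appears to
            # save from %FORM, so confirm that fields such as 'validated'
            # cannot be set by the client this way.
            foreach (keys %CANDIDATE) {
                if (!( defined($FORM{$_}) )) {
                    $FORM{$_} = $CANDIDATE{$_};
                }
                if ($CLIENT{'savechange'} eq "N") {
                    $FORM{$_} = $CANDIDATE{$_} unless $_ eq 'pwd';
                }
                if ($_ eq 'pwd') { #Do this type of check for filters based on separate buttons
                    # The submitted old password is compared directly with
                    # the stored value, i.e. the profile holds the password
                    # as submitted rather than a hash of it.
                    if ($FORM{'oldpwdval'} ne $CANDIDATE{'pwd'} && $FORM{'oldpwdval'} ne '') {
                        $errmess = "$xlatphrase[888]";
                        $direction = "password";
                        $FORM{$_} = $CANDIDATE{$_};
                    } else {
                        $errmess = "$xlatphrase[879]" unless $FORM{'oldpwdval'} eq '';
                    }
                }
                if ($FORM{'eml'} ne $CANDIDATE{'eml'}) { #Do this type of check on every subsequent filter based revision
                    $FORM{'validated'} = 'N';
                    $continue_eml_tests = 1;
                    &send_the_mail("$CLIENT{'clid'}.emlsend", "testmanager.com Personal Validation Key", $FORM{'eml'}) unless $CLIENT{'emlval'} ne "Y";
                    $CANDIDATE{'badid'}="$xlatphrase[872]" unless $CLIENT{'emlval'} ne "Y";
                    &get_client_profile($SESSION{'clid'});
                    if ( ($CLIENT{'emlacl'} eq "Y") && ($continue_eml_tests == 1) ){
                        my @tempacl = &popEmlAcl($CLIENT{'clid'});
                        if ($CLIENT{'emlacllst'} eq "B") {
                            # Blacklist: each ACL entry is applied as a regex
                            # pattern (presumably maintained by the client
                            # administrator -- confirm).
                            foreach (@tempacl) {
                                if ($FORM{'eml'} =~ /$_/g) {
                                    $FORM{'eml'} = $CANDIDATE{'eml'};
                                    $continue_eml_tests = 0;
                                    $errmess = $xlatphrase[903];
                                }
                            }
                        }
                        if ($CLIENT{'emlacllst'} eq "W") {
                            foreach (@tempacl) {
                                $tempemlacltest .= $_;
                            }
                            $tmpemladr = $FORM{'eml'};
                            $tmpemladr =~ s/@/ /g;
                            # Take the trailing "domain.tld" from a capture.
                            # The previous use of $& kept the result of an
                            # earlier, unrelated match when this one failed.
                            $tmpemladr = ($tmpemladr =~ /(\w+\.\w+)$/) ? $1 : '';
                            # Whitelist: the submitted domain is compared as
                            # literal text (it used to be interpolated into a
                            # pattern, where "." matched any character). An
                            # address without a domain is refused.
                            # NOTE(review): this is still a substring test
                            # against the concatenated list, which is looser
                            # than an exact per-entry comparison.
                            if ( $tmpemladr eq '' || index($tempemlacltest, $tmpemladr) < 0 ) {
                                $FORM{'eml'} = $CANDIDATE{'eml'};
                                $continue_eml_tests = 0;
                                $errmess = $xlatphrase[903];
                            }
                        }
                    }
                    if ( ($CLIENT{'emlstrict'} eq "Y") && ($continue_eml_tests == 1) ) {
                        my $clid = $SESSION{'clid'};
                        my @cndcols = &get_data("cnd.$SESSION{'clid'}");
                        # The submitted address is request data, so it is
                        # searched for as literal text and never compiled
                        # into a pattern. An empty address is not reported
                        # as a duplicate.
                        my @duplicates = grep { $FORM{'eml'} ne '' && index($_, $FORM{'eml'}) >= 0 } @cndcols;
                        foreach (@duplicates) {
                            $errmess = $xlatphrase[904];
                            $continue_eml_tests = 0;
                            $FORM{'eml'} = $CANDIDATE{'eml'};
                        }
                    }
                }
            }
            &put_candidate_profile($SESSION{'clid'}, $SESSION{'uid'});
            &get_candidate_profile( $SESSION{'clid'}, $SESSION{'uid'});
            if ($CANDIDATE{'badid'} eq "$xlatphrase[758]" || $CANDIDATE{'badid'} eq "$xlatphrase[872]") {
                $vars{'home'} = "client";
                $vars{'lang'} = "$FORM{'lang'}";
                $vars{'uid'} = "$CANDIDATE{'uid'}";
                $vars{'pwd'} = "$CANDIDATE{'pwd'}";
                $vars{'clid'} = "$SESSION{'clid'}";
                $vars{'cnd'} = "Login";
                $vars{'badid'} = "$xlatphrase[758]" unless $CANDIDATE{'badid'} ne "$xlatphrase[758]";
                $vars{'badid'} = "$xlatphrase[872]" unless $CANDIDATE{'badid'} ne "$xlatphrase[872]";
                &redirect("login", \%vars);
            } else {
                $vars{'home'} = "client";
                $vars{'lang'} = "$FORM{'lang'}";
                $vars{'uid'} = "$CANDIDATE{'uid'}";
                $vars{'pwd'} = "$CANDIDATE{'pwd'}";
                $vars{'clid'} = "$SESSION{'clid'}";
                $vars{'cnd'} = "Login";
                $vars{'badid'} = $errmess unless $errmess eq '';
                $vars{'direction'} = $direction unless $direction eq '';
                &redirect("login", \%vars);
            }
            #print "Content-Type: text/html\n\n";
            #&show_template("regsas");
        } elsif ($FORM{'dbop'} eq 'resend') {
            &resend_exit_emails($SESSION{'clid'}, $SESSION{'uid'}, $FORM{'tstid'});
            $vars{'tid'} = "$SESSION{'tid'}";
            $vars{'lang'} = "$SESSION{'lang'}";
            &redirect("regsas", \%vars);
        } else {
            &get_client_profile($SESSION{'clid'});

            my $opts = { restrict_to_availability_window => 1 };
            &get_candidate_profile( $SESSION{'clid'}, $SESSION{'uid'}, $opts);
            # Recompute the validation key the same way send_the_mail() does.
            my $realkey = &makecndhash($CANDIDATE{'createdate'}, $CANDIDATE{'uid'});
            $realkey =~ s/-//g;
            # HBI Shorten validation key to less characters.
            unless ($Long_Val_Client{$SESSION{'clid'}} ) {
                $realkey = substr($realkey, $Short_Val_off, $Short_Val_len) ;
            }
            $FORM{'validationcode'} =~ s/-//g;
            if ($CLIENT{'emlval'} eq "Y") { #If the client doesnt want selfreg eml validation, ignore this and go straight to regsas.
                if ($CANDIDATE{'selfreg'} eq "Y" && $CANDIDATE{'validated'} eq "N") {
                    if ($FORM{'resendkey'} eq "Y") {
                        $SESSION{'message'} = "<%=PHRASE.868%>";
                        &send_the_mail("$CLIENT{'clid'}.emlresend", "testmanager.com Personal Validation Key", $CANDIDATE{'eml'});
                        print "Content-Type: text/html\n\n";
                        &show_template("validatesreg");
                    } elsif ($realkey ne '' && $FORM{'validationcode'} eq $realkey) {
                        # The extra test on $realkey keeps an empty computed
                        # key from matching an empty submission.
                        $FORM{'validated'} = "Y";
                        $FORM{'uid'} = $CANDIDATE{'uid'}; #This is because regsas is terribly broken when it treats form variables
                        &put_candidate_profile($SESSION{'clid'}, $SESSION{'uid'});
                        #&show_template("regsas");
                        $vars{'home'} = "client";
                        $vars{'lang'} = "$FORM{'lang'}";
                        $vars{'uid'} = "$CANDIDATE{'uid'}";
                        $vars{'pwd'} = "$CANDIDATE{'pwd'}";
                        $vars{'clid'} = "$SESSION{'clid'}";
                        $vars{'cnd'} = "Login";

                        &redirect("login", \%vars);
                    } else {
                        if ($FORM{'validationcode'} ne '') {
                            $SESSION{'message'} = "<%=PHRASE.867%>";
                        } else {
                            $SESSION{'message'} = "<br>";
                        }
                        print "Content-Type: text/html\n\n";
                        &show_template("validatesreg");
                    }
                } elsif ($CANDIDATE{'selfreg'} eq "Y" && $CANDIDATE{'validated'} eq "Y") {
                    print "Content-Type: text/html\n\n";
                    $FORM{'allowin'} = "Y";
                    &show_template("regsas");
                } else { #Dont punish old sreggers without a $CANDIDATE{'validated'} value, which is all of them to this point
                    $FORM{'allowin'} = "Y";
                    print "Content-Type: text/html\n\n";
                    &show_template("regsas");
                }
            } else {
                print "Content-Type: text/html\n\n";
                if ($errmess ne '') {
                    $FORM{'badid'} = $errmess;
                }
                &show_template("regsas");
            }
        }
    }
}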
#
# Verify that the requested id is not already
# used in admin.dat or cnd.{client}
# if not used add it to the cnd.{client} file
#
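sub adduidreq {
    #
    # Register a self-signup candidate.
    #
    #   $clid  client id; selects the candidate file "cnd.$clid"
    #   $urq   requested user id
    #   $urpw  requested password
    #
    # Returns 1 when the record was written to cnd.$clid, 0 otherwise.
    # On an e-mail policy failure $errmess2 is set to the phrase to show.
    # Also sets $FORM{'selfreg'} and rewrites '+' to ' ' in the form fields
    # named by the file's header row.
    #
    my ($clid,$urq,$urpw) = @_;
    my $rec;
    my $i;
    my $fldkey;
    my $fldval;
    my @flds;
    my $retOK=1;

    # All three values arrive from the request. The id and password become
    # '&'-separated fields of a one-line record, and the client id becomes
    # part of a file name, so refuse anything that would break out of a
    # field, a line or the data directory.
    if (!defined($clid) || $clid eq '' || $clid =~ m{[/\\\0]} || $clid =~ /\.\./) {
        return 0;
    }
    if (!defined($urq) || $urq eq '' || $urq =~ /[&\r\n]/) {
        return 0;
    }
    if (defined($urpw) && $urpw =~ /[&\r\n]/) {
        return 0;
    }

    # The id must not already belong to an administrator.
    my @crecs = &get_data("admin.dat");
    if (&_regsas_uid_taken($urq, \@crecs)) {
        $retOK=0;
    }

    my $cndeml = $FORM{'eml'};
    $cndeml = '' unless defined $cndeml;
    if ($CLIENT{'emlacl'} eq "Y") {
        my @tempacl = &popEmlAcl($SESSION{'clid'});
        if ($CLIENT{'emlacllst'} eq "B") {
            # Blacklist: each ACL entry is applied as a regex pattern
            # (presumably maintained by the client administrator -- confirm).
            foreach (@tempacl) {
                if ($cndeml =~ /$_/g) {
                    $retOK = 0;
                    $errmess2 = $xlatphrase[903];
                }
            }
        }
        if ($CLIENT{'emlacllst'} eq "W") {
            $tempemltest .= join('', @tempacl);
            $tmpemladr = $cndeml;
            $tmpemladr =~ s/@/ /g;
            # The domain.tld part of user@domain.tld, taken from a capture.
            # The previous use of $& kept the result of an earlier, unrelated
            # match when this one failed.
            $tmpemladr = ($tmpemladr =~ /(\w+\.\w+)$/) ? $1 : '';
            # Compared as literal text (it used to be interpolated into a
            # pattern, where "." matched any character). An address without
            # a domain is refused.
            # NOTE(review): still a substring test against the concatenated
            # list, which is looser than an exact per-entry comparison.
            if ( $tmpemladr eq '' || index($tempemltest, $tmpemladr) < 0 ) {
                $retOK = 0;
                $errmess2 = $xlatphrase[903];
            }
        }
    }
    if ($CLIENT{'emlstrict'} eq "Y") {
        my @cndcols = &get_data("cnd.$clid");
        # The address is request data: search for it as literal text instead
        # of compiling it into a pattern. An empty address is not reported as
        # a duplicate.
        # NOTE(review): this matches the address anywhere in a record, not
        # only in the eml column.
        my @duplicates = grep { $cndeml ne '' && index($_, $cndeml) >= 0 } @cndcols;
        if (@duplicates) {
            $retOK=0;
            $errmess2 = $xlatphrase[904];
        }
    }
    if ($retOK == 1) {
        @crecs = &get_data("cnd.$clid");
        my $rhdr = shift @crecs;            # header row: '&'-separated column names
        if (&_regsas_uid_taken($urq, \@crecs)) {
            $retOK=0;
        }
        if ($retOK == 1) {
            #
            # add the requested uid
            #
            $rec=$rhdr;
            chop($rec);
            @flds=split(/&/,$rec);
            $rec = join('&',$urq,$urpw);
            $FORM{'selfreg'} = "Y";
            # Every column after the first two is filled from the form field
            # of the same name.
            # NOTE(review): confirm the header holds no column that a
            # registrant must not be able to set.
            for $i (2 .. $#flds) {
                $fldkey=$flds[$i];
                $FORM{$fldkey} =~ tr/+/ /;
                $fldval=$FORM{$fldkey};
                # A separator or line break inside a value would shift or
                # split the record.
                $fldval =~ tr/&\r\n//d if defined $fldval;
                $rec = join('&', $rec, $fldval);
            }
            push @crecs,"$rec\n";
            my @csorted = sort @crecs;
            @crecs=();
            $retOK=0;

            #This adds createdate and validated to the new candidate stack
            my $shift_hack = $rhdr;
            $shift_hack =~ s/authtests/createdate/;
            $shift_hack =~ s/grpid/createdby/;
            if ($shift_hack !~ /validated/) {
                chomp $shift_hack;
                $shift_hack .= '&validated'."\n";
            }
            if ($shift_hack !~ /registrar/) {
                chomp $shift_hack;
                $shift_hack .= '&registrar'."\n";
            }
            ### DED 3/26/07 These fields not yet supported
            #if ( !(/cnd3/)) {
            #chomp $shift_hack;
            #$shift_hack .= '&cnd3'."\n";
            #}
            #if ( !(/cnd4/)) {
            #chomp $shift_hack;
            #$shift_hack .= '&cnd4'."\n";
            #}
            unshift (@csorted, $shift_hack);

            my @labels = split('&', $csorted[0]);
            my @fields;
            foreach (@csorted) {
                if (/^\Q$urq\E&/) {
                    @fields = split('&', $_);
                }
            }
            my %turbohash = (); #merge them into a hash
            # NOTE(review): the last label still carries its newline here and
            # is only chomped in the loop below, so the last column is looked
            # up under a different key and comes out empty unless it is one
            # of the three set explicitly. Confirm whether that is intended.
            foreach (0..$#labels) {
                $turbohash{$labels[$_]} = $fields[$_];
            }
            $turbohash{'createdate'} = time();
            $turbohash{'createdby'} = $FORM{'uidreq'};
            $turbohash{'validated'} = 'N';
            #Now we have to put them all together in the same order as the key row
            my $client_string; #will hold the temp. line for cnd.clientid
            foreach (0..$#labels) {
                chomp($labels[$_]); #chomp it because $labels[-1] is actually $labels[-1]\n
                $client_string .= "&$turbohash{$labels[$_]}";
            }
            $client_string =~ s/^&//;
            $client_string =~ s/\n//g;
            $client_string =~ s/\+/ /g;
            $client_string .= "\n"; #insert the \n after the chomp
            foreach my $rotator (1..$#csorted) { #scary part where we insert it back into the array
                if ($csorted[$rotator] =~ /^\Q$urq\E&/) {
                    $csorted[$rotator] = $client_string;
                }
            }

            my $tmpfile = join($pathsep, $dataroot, "cnd.$clid");
            my $existed=&file_exists($tmpfile);
            # Three-argument open: the file name can no longer alter the
            # open mode.
            # NOTE(review): the file is rewritten in place without a lock,
            # so two simultaneous registrations can lose a record.
            if ( open (my $cndfh, '>', $tmpfile) ) {
                for $i (0 .. $#csorted) {
                    print {$cndfh} "$csorted[$i]";
                }
                # Buffered write errors surface at close; only report
                # success when the data reached the file.
                if (close $cndfh) {
                    if ($existed==0) {
                        # Apply the mode to the file just written; the old
                        # code passed the client id to chmod. The file holds
                        # candidate passwords, so it is not opened up to
                        # other users (was 0666).
                        $chmodok = chmod 0660, $tmpfile;
                    }
                    $retOK=1;
                }
            }
            @csorted=();
        }
    }
    return $retOK;
}

# True when a record in @$recs has $uid as its first '&'-separated field.
sub _regsas_uid_taken {
    my ($uid, $recs) = @_;
    foreach my $rec (@$recs) {
        my ($first) = split(/&/, $rec);
        return 1 if defined($first) && $first eq $uid;
    }
    return 0;
}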
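sub send_the_mail { #This is a special function to send the validation key email. Shouldn't ever be needed outside this file.
    #
    #   $_[0]  template file name, looked up under $dataroot
    #   $_[1]  subject
    #   $_[2]  recipient address
    #
    # The sender is $CLIENT{'email_from'}. The key is computed for
    # $CANDIDATE{'uid'} and replaces <%=NOP_valkey%> in the body. Returns
    # whatever send_mail() returns.
    #
    my $mmfrom = $CLIENT{'email_from'};
    my $eml_txt = join( $pathsep, $dataroot, $_[0]);
    my $mmsubj = $_[1];
    my $mmto = $_[2];
    # Callers pass the address from the submitted form. A line break in it
    # could add header lines if send_mail() writes these values into the
    # message headers unchanged, so drop CR/LF here.
    foreach ($mmsubj, $mmto) {
        tr/\r\n//d if defined $_;
    }
    my $hash_createdate = &get_a_key("cnd.$SESSION{'clid'}", $CANDIDATE{'uid'}, "createdate");
    my $mmbody = '';
    # Three-argument open with a lexical handle, closed once after reading.
    # The old loop closed the handle on every line and never closed it for
    # an empty template.
    if ( open(my $body_fh, '<', $eml_txt) ) {
        $mmbody = join('', <$body_fh>);
        close($body_fh);
    } else {
        # NOTE(review): HTTP_HOST comes from the request's Host header, which
        # the client chooses; a configured site name would be safer in mail
        # text.
        $mmbody = "Thank you for registering at $ENV{'HTTP_HOST'}. Your personal Registration Code is <%=NOP_valkey%>. You will only have to enter it once.\n";
    }
    #insert customized regex here
    my $valkey = &makecndhash($hash_createdate, $CANDIDATE{'uid'});
    # The debug line below writes the key to the server error log when
    # enabled; keep it commented out outside of debugging.
    #print STDERR "valkey = $valkey, hash_createdate = $hash_createdate, uid = $CANDIDATE{'uid'}\n"; #uncomment this to see all necessary validation key info
    # HBI Shorten validation key to less characters.
    unless ($Long_Val_Client{$SESSION{'clid'}} ) {
        $valkey =~ s/-//g;
        $valkey = substr($valkey, $Short_Val_off, $Short_Val_len) ;
    }
    $mmbody =~ s/\<%=NOP_valkey%\>/$valkey/g;
    $mmbody = &xlatline($mmbody, '', 0);
    return &send_mail($mmfrom, $mmto, $mmsubj, $mmbody);
}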