gecko-dev/webtools/bugzilla/createaccount.cgi

#!/usr/bonsaitools/bin/perl -wT
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Original Code is the Bugzilla Bug Tracking System.
#
# The Initial Developer of the Original Code is Netscape Communications
# Corporation. Portions created by Netscape are
# Copyright (C) 1998 Netscape Communications Corporation. All
# Rights Reserved.
#
# Contributor(s): Terry Weissman <terry@mozilla.org>
#                 David Gardiner <david.gardiner@unisa.edu.au>
#                 Joe Robins <jmrobins@tgix.com>
#                 Christopher Aillon <christopher@aillon.com>
#                 Gervase Markham <gerv@gerv.net>

use strict;

use lib qw(.);

require "CGI.pl";

# Shut up misguided -w warnings about "used only once":
use vars qw(
  %FORM
  $template
  $vars
);

ConnectToDatabase();

# If we're using LDAP for login, then we can't create a new account here.
if(Param('useLDAP')) {
  # Just in case someone already has an account, let them get the correct
  # footer on the error message
  quietly_check_login();
  ThrowUserError("ldap_cant_create_account");
}

# Clear out the login cookies.  Make people log in again if they create an
# account; otherwise, they'll probably get confused.
my $cookiepath = Param("cookiepath");
print "Set-Cookie: Bugzilla_login= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT
Set-Cookie: Bugzilla_logincookie= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT\n";

print "Content-Type: text/html\n\n";

my $login = $::FORM{'login'};

if (defined($login)) {
    # We've been asked to create an account.
    my $realname = trim($::FORM{'realname'});
    CheckEmailSyntax($login);
    $vars->{'login'} = $login;
    
    if (!ValidateNewUser($login)) {
        # Account already exists        
        $template->process("account/exists.html.tmpl", $vars)
          || ThrowTemplateError($template->error());
        exit;
    }
    
    # Create account
    my $password = InsertNewUser($login, $realname);
    MailPassword($login, $password);
    
    $template->process("account/created.html.tmpl", $vars)
      || ThrowTemplateError($template->error());
    exit;
}

# Show the standard "would you like to create an account?" form.
$template->process("account/create.html.tmpl", $vars)
  || ThrowTemplateError($template->error());
Fix for bug 108982: enable taint mode for all user-facing CGI files. Patch by Brad Baetz <bbaetz@student.usyd.edu.au> r= jake, justdave 2002-01-20 04:44:52 +03:00			`#!/usr/bonsaitools/bin/perl -wT`
Added stuff to make it more obvious how to create an account. 1999-03-27 05:28:51 +03:00			`# -- Mode: perl; indent-tabs-mode: nil --`
			`#`
updated license boilerplate 1999-11-02 02:33:56 +03:00			`# The contents of this file are subject to the Mozilla Public`
			`# License Version 1.1 (the "License"); you may not use this file`
			`# except in compliance with the License. You may obtain a copy of`
			`# the License at http://www.mozilla.org/MPL/`
			`#`
			`# Software distributed under the License is distributed on an "AS`
			`# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or`
			`# implied. See the License for the specific language governing`
			`# rights and limitations under the License.`
			`#`
Added stuff to make it more obvious how to create an account. 1999-03-27 05:28:51 +03:00			`# The Original Code is the Bugzilla Bug Tracking System.`
updated license boilerplate 1999-11-02 02:33:56 +03:00			`#`
Added stuff to make it more obvious how to create an account. 1999-03-27 05:28:51 +03:00			`# The Initial Developer of the Original Code is Netscape Communications`
updated license boilerplate 1999-11-02 02:33:56 +03:00			`# Corporation. Portions created by Netscape are`
			`# Copyright (C) 1998 Netscape Communications Corporation. All`
			`# Rights Reserved.`
			`#`
Added stuff to make it more obvious how to create an account. 1999-03-27 05:28:51 +03:00			`# Contributor(s): Terry Weissman <terry@mozilla.org>`
			`# David Gardiner <david.gardiner@unisa.edu.au>`
fixes for 51184, 51185, 51186: allow for ldap authentication. patches by jmrobins@tgix.com (Joe Robins). LDAP sections haven't been tested yet, but the code is arranged such that it shouldn't disturb existing user authentication system. 2000-09-15 22:35:18 +04:00			`# Joe Robins <jmrobins@tgix.com>`
Fix for bug 93388: Full name should be trimmed of whitespace before going into database. r1=Zach Lipton <zach@zachlipton.com> r2=Andreas Franke <afranke@ags.uni-sb.de>. Patch by Christopher Aillon <caillon@returnzero.com>. 2001-09-23 21:20:50 +04:00			`# Christopher Aillon <christopher@aillon.com>`
Bug 117509 - createaccount.cgi templatisation. 2002-01-30 02:26:37 +03:00			`# Gervase Markham <gerv@gerv.net>`
Added stuff to make it more obvious how to create an account. 1999-03-27 05:28:51 +03:00
			`use strict;`

Fix for bug 108982: enable taint mode for all user-facing CGI files. Patch by Brad Baetz <bbaetz@student.usyd.edu.au> r= jake, justdave 2002-01-20 04:44:52 +03:00			`use lib qw(.);`

Added stuff to make it more obvious how to create an account. 1999-03-27 05:28:51 +03:00			`require "CGI.pl";`

			`# Shut up misguided -w warnings about "used only once":`
Bug 100094 - use generic template handling code r=mattyt, afranke 2002-02-13 05:27:24 +03:00			`use vars qw(`
			`%FORM`
			`$template`
			`$vars`
			`);`
Added stuff to make it more obvious how to create an account. 1999-03-27 05:28:51 +03:00
Bug 117509 - createaccount.cgi templatisation. 2002-01-30 02:26:37 +03:00			`ConnectToDatabase();`
Added stuff to make it more obvious how to create an account. 1999-03-27 05:28:51 +03:00
fixes for 51184, 51185, 51186: allow for ldap authentication. patches by jmrobins@tgix.com (Joe Robins). LDAP sections haven't been tested yet, but the code is arranged such that it shouldn't disturb existing user authentication system. 2000-09-15 22:35:18 +04:00			`# If we're using LDAP for login, then we can't create a new account here.`
			`if(Param('useLDAP')) {`
Bug 151053, ConnectToDatabase/quietly_check_login sometimes not called early enough r=mattyt, jouni 2002-06-17 13:39:00 +04:00			`# Just in case someone already has an account, let them get the correct`
			`# footer on the error message`
			`quietly_check_login();`
Bug 163114 - Templatise all calls to DisplayError. Patch C. Patch by gerv; r=burnus. 2002-10-02 02:41:09 +04:00			`ThrowUserError("ldap_cant_create_account");`
fixes for 51184, 51185, 51186: allow for ldap authentication. patches by jmrobins@tgix.com (Joe Robins). LDAP sections haven't been tested yet, but the code is arranged such that it shouldn't disturb existing user authentication system. 2000-09-15 22:35:18 +04:00			`}`
Added stuff to make it more obvious how to create an account. 1999-03-27 05:28:51 +03:00
Bug 117509 - createaccount.cgi templatisation. 2002-01-30 02:26:37 +03:00			`# Clear out the login cookies. Make people log in again if they create an`
			`# account; otherwise, they'll probably get confused.`
			`my $cookiepath = Param("cookiepath");`
			`print "Set-Cookie: Bugzilla_login= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT`
			`Set-Cookie: Bugzilla_logincookie= ; path=$cookiepath; expires=Sun, 30-Jun-80 00:00:00 GMT\n";`

			`print "Content-Type: text/html\n\n";`

Added stuff to make it more obvious how to create an account. 1999-03-27 05:28:51 +03:00			`my $login = $::FORM{'login'};`
Bug 117509 - createaccount.cgi templatisation. 2002-01-30 02:26:37 +03:00
			`if (defined($login)) {`
			`# We've been asked to create an account.`
Bug 156680: "Undefined variable warning" in createaccount.cgi 2xr=bbaetz 2002-07-11 23:24:29 +04:00			`my $realname = trim($::FORM{'realname'});`
Added stuff to make it more obvious how to create an account. 1999-03-27 05:28:51 +03:00			`CheckEmailSyntax($login);`
Bug 117509 - createaccount.cgi templatisation. 2002-01-30 02:26:37 +03:00			`$vars->{'login'} = $login;`

Remaining pieces of Bug 23067 from yesterday... no idea why the first commit didn't pick these up. 2002-04-02 02:52:40 +04:00			`if (!ValidateNewUser($login)) {`
Bug 117509 - createaccount.cgi templatisation. 2002-01-30 02:26:37 +03:00			`# Account already exists`
Bug 138588 - change to use new template structure. Patch by gerv, r=myk, afranke. 2002-04-24 11:24:50 +04:00			`$template->process("account/exists.html.tmpl", $vars)`
			`\|\| ThrowTemplateError($template->error());`
Fix for bug 77473, bug 74032, and bug 85472: Passwords are no longer stored in plaintext in the database. Passwords are no longer encrypted with MySQL's ENCRYPT() function (because it doesn't work on some installs), but with Perl's crypt() function. The crypt-related routines now properly deal with salts so that they work on systems that use methods other than UNIX crypt to crypt the passwords (such as MD5). Checksetup.pl will walk through your database and re-crypt everyone's passwords based on the plaintext password entry, then drop the plaintext password column. As a consequence of no longer having a plaintext password, it is no longer possible to email someone their password, so the login screen has been changed to request a password reset instead. The user is emailed a temporary identifying token, with a link back to Bugzilla. They click on the link or paste it into their browser and Bugzilla allows them to change their password. Patch by Myk Melez <myk@mozilla.org> r= justdave@syndicomm.com, jake@acutex.net 2001-07-11 09:29:21 +04:00			`exit;`
Added stuff to make it more obvious how to create an account. 1999-03-27 05:28:51 +03:00			`}`
Bug 117509 - createaccount.cgi templatisation. 2002-01-30 02:26:37 +03:00
			`# Create account`
Patch by Chris Baldwin <chris.baldwin@siara.com> -- allow optional entry of the user's realname. Note that nothing actually makes use of this info at present. 1999-08-19 04:06:01 +04:00			`my $password = InsertNewUser($login, $realname);`
Oops. Accounts created via the "createaccount.cgi" page were not getting their password emailed to them. 1999-05-08 02:07:21 +04:00			`MailPassword($login, $password);`
Bug 117509 - createaccount.cgi templatisation. 2002-01-30 02:26:37 +03:00
Bug 138588 - change to use new template structure. Patch by gerv, r=myk, afranke. 2002-04-24 11:24:50 +04:00			`$template->process("account/created.html.tmpl", $vars)`
Bug 138588 - missed a DisplayError -> ThrowTemplateError change. 2002-04-24 11:28:11 +04:00			`\|\| ThrowTemplateError($template->error());`
Added stuff to make it more obvious how to create an account. 1999-03-27 05:28:51 +03:00			`exit;`
			`}`

Bug 117509 - createaccount.cgi templatisation. 2002-01-30 02:26:37 +03:00			`# Show the standard "would you like to create an account?" form.`
Bug 138588 - change to use new template structure. Patch by gerv, r=myk, afranke. 2002-04-24 11:24:50 +04:00			`$template->process("account/create.html.tmpl", $vars)`
			`\|\| ThrowTemplateError($template->error());`