Facilitor/APPL/AUT/pass2mail_save.asp
Erik Groener 41daffdad4 DHLD#86034 Foutmelding EntraID: 'Login' veld niet uniek, configuratieprobleem
svn path=/Website/trunk/; revision=67525
2025-01-07 11:51:11 +00:00


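<%@language = "javascript" %>
<% /*
$Revision$
$Id$
File: pass2mail_save.asp
Description: Save script for
A) ../shared/pass2mail.asp or
B) ../pda/token2mail.asp
Parameters: mode=A (default) or mode=B
            email=<e-mail address or OS login of the person>
A) Send a user a password reset link by e-mail, or
B) send a login token by e-mail
Output: JSON object { success: true, warning: <text shown to the requester> }
*/
ANONYMOUS_Allowed = 1; // reachable without a session: this is the "forgotten password" flow
JSON_Result = true;
%>
<!-- #include file="../Shared/common.inc"-->
<!-- #include file="../Shared/send_mail.inc"-->
<%
// Validate the request token before any form value is used.
protectRequest.validateToken();

var mode = getFParam("mode", "A");

// The requested mode must be enabled by configuration:
// A) setting email_password, B) a non-zero token expiry (fac_emailtoken_auth_expire, minutes).
if ((mode == "A" && !S("email_password")) ||
    (mode == "B" && S("fac_emailtoken_auth_expire") == 0))
{
    abort_with_warning(L("lcl_no_auth"));
}

var emailOrLogin = getFParam("email", "");

// Look the person up by e-mail address or by OS login, case-insensitively.
// The form value only enters the statement through safe.quoted_sql_upper.
var sql = "SELECT prs_perslid_key, prs_perslid_flags, prs_perslid_email"
    + " FROM prs_v_aanwezigperslid"
    + " WHERE prs_perslid_inactief IS NULL"
    + " AND ( UPPER(prs_perslid_email) = " + safe.quoted_sql_upper(emailOrLogin)
    + " OR UPPER(prs_perslid_oslogin) = " + safe.quoted_sql_upper(emailOrLogin)
    + " )";
if (mode == "A" && S("email_password") != 2) // With setting 2 no existing password is required
{
    sql += " AND prs_perslid_wachtwoord_hash IS NOT NULL";
}

var oRs = Oracle.Execute(sql);
var result = { success : true };

if (oRs.eof)
{
    // Deliberately the same text as on success: a different answer would let a
    // caller probe which addresses/logins exist (e-mail harvesting).
    result.warning = L("lcl_pass2emailsent") + emailOrLogin;
    shared.auditfail(L("lcl_autfai_forgotten").format(emailOrLogin)); // not found, or had no password
}
else if ((oRs("prs_perslid_flags").Value & 2) == 2)
{
    // Self-registered account that was never confirmed: no mail is sent.
    result.warning = L("lcl_self_register_unconfirmed");
}
else
{
    var perslid_key = oRs("prs_perslid_key").Value;
    var person = new Perslid(perslid_key);
    var params = { ignoreOverrule: person.has("WEB_PRSSYS") };
    var email = oRs("prs_perslid_email").Value; // always mail the stored address, also when a login was entered

    // Same spelling as the first eof check above; a second matching row means
    // the lookup is ambiguous.
    oRs.MoveNext();
    if (!oRs.eof)
    {
        // More than one active person matches (e.g. a login that is not unique):
        // a configuration problem, not something the requester can fix.
        // NOTE(review): unlike the not-found branch this text is specific, so it
        // reveals that matching accounts exist; consider also recording this case
        // through shared.auditfail so administrators notice the configuration problem.
        result.warning = "E-mail or login '{0}' is not unique.".format(emailOrLogin);
    }
    else
    {
        // Remove older bookmarks: at most one pending reset per person.
        sql = "DELETE fac_bookmark"
            + " WHERE fac_bookmark_naam = 'PRS password reset'"
            + " AND prs_perslid_key = " + perslid_key;
        Oracle.Execute(sql);

        // appl/prs/pchange_reset.asp?user_key=1234 would be enough, but
        // (deep) links always go through a short-url / bookmark.
        var bookmarkId = shared.random(16);
        // A) valid until one minute before midnight; B) the configured number of minutes.
        var expire = mode == "A" ? "trunc(sysdate+1,'DD')-1/24/60"
            : "sysdate + (" + S("fac_emailtoken_auth_expire") + "/24/60)";
        var url = mode == "A" ? "appl/prs/pchange_reset.asp" : "appl/prs/prs_perslid_qr_confirm.asp";
        sql = "INSERT INTO fac_bookmark ( "
            + " fac_bookmark_id, "
            + " prs_perslid_key, "
            + " fac_bookmark_naam, "
            + " fac_bookmark_path, "
            + " fac_bookmark_query, "
            + " fac_bookmark_flags, "
            + " fac_bookmark_expire ) "
            + " VALUES ( "
            + safe.quoted_sql(bookmarkId) + ", "
            + perslid_key + ", "
            + " 'PRS password reset', "
            + safe.quoted_sql(url) + ","
            + safe.quoted_sql("user_key=" + perslid_key) + ", " // protected with an HMAC further on
            + "0," // invisible even for PRSSYS
            + expire + " )"; // statement terminator was previously left to semicolon insertion
        Oracle.Execute(sql);

        fac_send_bookmark(bookmarkId, email,
            L(mode == "A" ? "lcl_password_new" : "lcl_tokenmail_subject"),
            L(mode == "A" ? "lcl_password_reset" : "lcl_tokenmail_body"), params);
        result.warning = L("lcl_pass2emailsent") + emailOrLogin;
    }
}

// result.success is set once at initialisation; the branches above only add a warning.
Response.Write(JSON.stringify(result));
%><% ASPPAGE_END(); %>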