summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorgerv%gerv.net <>2002-09-30 16:22:39 +0200
committergerv%gerv.net <>2002-09-30 16:22:39 +0200
commit89859e7d92395e44357f0baf94b6911eecbdabd1 (patch)
tree2ed43ec6b5916b77d11ef3d75de5eeff09355e69
parent60df4e0a216d538ffc39cbb58c470261f3bf2af2 (diff)
downloadbugzilla-89859e7d92395e44357f0baf94b6911eecbdabd1.tar.gz
bugzilla-89859e7d92395e44357f0baf94b6911eecbdabd1.tar.xz
Bug 164038 - token.cgi: Cancel token messages should be moved into the templates. Patch by burnus; r=gerv.
-rw-r--r--Bugzilla/Token.pm3
-rw-r--r--Token.pm3
-rw-r--r--template/en/default/account/cancel-token.txt.tmpl44
-rw-r--r--template/en/default/global/code-error.html.tmpl9
-rw-r--r--template/en/default/global/messages.html.tmpl17
-rw-r--r--template/en/default/global/user-error.html.tmpl40
-rwxr-xr-xtoken.cgi67
7 files changed, 134 insertions, 49 deletions
diff --git a/Bugzilla/Token.pm b/Bugzilla/Token.pm
index a2604b0f5..ea1e51606 100644
--- a/Bugzilla/Token.pm
+++ b/Bugzilla/Token.pm
@@ -176,8 +176,7 @@ sub GenerateUniqueToken {
++$tries;
if ($tries > 100) {
- &::DisplayError("Something is seriously wrong with the token generation system.");
- exit;
+ &::ThrowCodeError("token_generation_error");
}
$token = &::GenerateRandomPassword();
diff --git a/Token.pm b/Token.pm
index a2604b0f5..ea1e51606 100644
--- a/Token.pm
+++ b/Token.pm
@@ -176,8 +176,7 @@ sub GenerateUniqueToken {
++$tries;
if ($tries > 100) {
- &::DisplayError("Something is seriously wrong with the token generation system.");
- exit;
+ &::ThrowCodeError("token_generation_error");
}
$token = &::GenerateRandomPassword();
diff --git a/template/en/default/account/cancel-token.txt.tmpl b/template/en/default/account/cancel-token.txt.tmpl
index b37d0da2d..b1545f6d3 100644
--- a/template/en/default/account/cancel-token.txt.tmpl
+++ b/template/en/default/account/cancel-token.txt.tmpl
@@ -17,6 +17,7 @@
# Rights Reserved.
#
# Contributor(s): John Vandenberg <zeroj@null.net>
+ # Tobias Burnus <burnus@net-b.de>
#%]
From: bugzilla-admin-daemon
To: [% emailaddress %]
@@ -34,6 +35,47 @@ to [% maintainer %] if you suspect foul play.
User: [% emailaddress %]
Issue Date: [% issuedate %]
Event Data: [% eventdata %]
-Cancelled Because: [% cancelaction %]
+Cancelled Because:
+[% PROCESS cancelactionmessage %]
+[% BLOCK cancelactionmessage %]
+ [% IF cancelaction == 'account_exists' %]
+ Account [% email %] already exists.
+ [% ELSIF cancelaction == 'email_change_cancelled' %]
+ The request to change the email address for the
+ [% old_email %] account to [% new_email %]
+ has been cancelled.
+
+ [% ELSIF cancelaction == 'email_change_cancelled_reinstated' %]
+ The request to change the email address for your account to
+ [% new_email %] has been cancelled. Your old account
+ settings have been reinstated.
+
+ [% ELSIF cancelaction == 'emailold_change_cancelled' %]
+ The request to change the email address for your account
+ to [% new_email %] has been cancelled.
+
+ [% ELSIF cancelaction == 'password_change_canceled' %]
+ The user requested cancellation.
+
+ [% ELSIF cancelaction == 'wrong_token_for_changing_passwd' %]
+ The user tried to use the token to change the password.
+
+ [% ELSIF cancelaction == 'wrong_token_for_cancelling_email_change' %]
+ The user tried to use the token to cancel the email address change.
+
+ [% ELSIF cancelaction == 'wrong_token_for_confirming_email_change' %]
+ The user tried to use the token to confirm the email address change.
+
+ [% ELSE %]
+ [%# Give sensible error if the cancel-token function is used incorrectly.
+ #%]
+ You are using Bugzilla's cancel-token function incorrectly. You
+ passed in the string '[% cancelaction %]'. The correct use is to pass
+ in a tag, and define that tag in the file cancel-token.txt.tmpl.
+
+ If you are a Bugzilla end-user seeing this message, please forward this
+ email to [% Param('maintainer') %].
+ [% END %]
+[% END %]
diff --git a/template/en/default/global/code-error.html.tmpl b/template/en/default/global/code-error.html.tmpl
index dbe4a1732..0f767ded8 100644
--- a/template/en/default/global/code-error.html.tmpl
+++ b/template/en/default/global/code-error.html.tmpl
@@ -127,6 +127,9 @@
[% ELSIF error == "request_queue_group_invalid" %]
The group field <em>[% group FILTER html %]</em> is invalid.
+ [% ELSIF error == "token_generation_error" %]
+ Something is seriously wrong with the token generation system.
+
[% ELSIF error == "template_error" %]
[% template_error_msg %]
@@ -134,7 +137,11 @@
[% field FILTER html %] was not defined; [% Param('browserbugmessage') %]
[% ELSIF error == "unknown_action" %]
- Unknown action [% action FILTER html %]!
+ [% IF action %]
+ Unknown action [% action FILTER html %]!
+ [% ELSE %]
+ I could not figure out what you wanted to do.
+ [% END %]
[% ELSIF error == "unknown_component" %]
[% title = "Unknown Component" %]
diff --git a/template/en/default/global/messages.html.tmpl b/template/en/default/global/messages.html.tmpl
index 85c678fdc..482f7e35f 100644
--- a/template/en/default/global/messages.html.tmpl
+++ b/template/en/default/global/messages.html.tmpl
@@ -56,6 +56,23 @@
[% title = "Change columns" %]
Resubmitting your query with new columns...
+ [% ELSIF message_tag == "emailold_change_cancelled" %]
+ [% title = "Cancel Request to Change Email Address" %]
+ The request to change the email address for your account to
+ [% new_email FILTER html %] has been cancelled.
+
+ [% ELSIF message_tag == "email_change_cancelled" %]
+ [% title = "Cancel Request to Change Email Address" %]
+ The request to change the email address for the
+ [% old_email FILTER html %] account to
+ [% new_email FILTER html %] has been cancelled.
+
+ [% ELSIF message_tag == "email_change_cancelled_reinstated" %]
+ [% title = "Cancel Request to Change Email Address" %]
+ The request to change the email address for the
+ [% old_email %] account to [% new_email %] has been cancelled.
+ Your old account settings have been reinstated.
+
[% ELSIF message_tag == "logged_out" %]
[% title = "Logged Out" %]
[% url = "query.cgi?GoAheadAndLogIn=1" %]
diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl
index 593c8bede..10c50cc9e 100644
--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -48,8 +48,17 @@
[% ELSIF error == "account_exists" %]
[% title = "Account Already Exists" %]
- That account already exists.
+ There is already an account with
+ [% IF email %]
+ the login name [% email FILTER html %].
+ [% ELSE %]
+ that login name.
+ [% END %]
+ [% ELSIF error == "account_inexistent" %]
+ [% title = "Account Does Not Exist" %]
+ There is no Bugzilla account with that login name.
+
[% ELSIF error == "alias_has_comma_or_space" %]
[% title = "Invalid Characters In Alias" %]
The alias you entered, <em>[% alias FILTER html %]</em>,
@@ -134,6 +143,10 @@
really make sense to mark a bug as a duplicate of itself,
does it?
+ [% ELSIF error == "email_confirmation_failed" %]
+ [% title = "Email Address Email Address Confirmation Failed" %]
+ Email address confirmation failed.
+
[% ELSIF error == "file_not_specified" %]
[% title = "No File Specified" %]
You did not specify a file to attach.
@@ -259,6 +272,10 @@
[% title = "Invalid Username Or Password" %]
The username or password you entered is not valid.
+ [% ELSIF error == "login_needed_for_password_change" %]
+ [% title = "Login Name Required" %]
+ You must enter a login name when requesting to change your password.
+
[% ELSIF error == "milestone_required" %]
[% title = "Milestone Required" %]
You must determine a target milestone for bug [% bug_id %]
@@ -366,6 +383,15 @@
100 users. Enter more of the name to bring the number of matches
down to a reasonable amount.
+ [% ELSIF error == "require_new_password" %]
+ [% title = "New Password Needed" %]
+ You cannot change your password without submitting a new one.
+
+ [% ELSIF error == "token_inexistent" %]
+ [% title = "Token Does Not Exist" %]
+ The token you submitted does not exist, has expired, or has
+ been cancelled.
+
[% ELSIF error == "unknown_keyword" %]
[% title = "Unknown Keyword" %]
<code>[% keyword FILTER html %]</code> is not a known keyword.
@@ -375,6 +401,18 @@
[% title = "Unknown Tab" %]
<code>[% current_tab_name FILTER html %]</code> is not a legal tab name.
+ [% ELSIF error == "wrong_token_for_cancelling_email_change" %]
+ [% title = "Wrong Token" %]
+ That token cannot be used to cancel an email address change.
+
+ [% ELSIF error == "wrong_token_for_changing_passwd" %]
+ [% title = "Wrong Token" %]
+ That token cannot be used to change your password.
+
+ [% ELSIF error == "wrong_token_for_confirming_email_change" %]
+ [% title = "Wrong Token" %]
+ That token cannot be used to change your email address.
+
[% ELSIF error == "zero_length_file" %]
[% title = "File Is Empty" %]
The file you are trying to attach is empty!
diff --git a/token.cgi b/token.cgi
index 86e51939d..64f5710bd 100755
--- a/token.cgi
+++ b/token.cgi
@@ -48,9 +48,7 @@ use Token;
# Throw an error if the form does not contain an "action" field specifying
# what the user wants to do.
-$::FORM{'a'}
- || DisplayError("I could not figure out what you wanted to do.")
- && exit;
+$::FORM{'a'} || ThrowCodeError("unknown_action");
# Assign the action to a global variable.
$::action = $::FORM{'a'};
@@ -65,8 +63,7 @@ if ($::FORM{'t'}) {
# Make sure the token contains only valid characters in the right amount.
my $validationerror = ValidatePassword($::token);
if ($validationerror) {
- DisplayError('The token you entered is invalid.');
- exit;
+ ThrowUserError("token_invalid");
}
@@ -74,29 +71,22 @@ if ($::FORM{'t'}) {
# Make sure the token exists in the database.
SendSQL( "SELECT tokentype FROM tokens WHERE token = $::quotedtoken" );
- (my $tokentype = FetchSQLData())
- || DisplayError("The token you submitted does not exist, has expired, or has been cancelled.")
- && exit;
+ (my $tokentype = FetchSQLData()) || ThrowUserError("token_inexistent");
# Make sure the token is the correct type for the action being taken.
if ( grep($::action eq $_ , qw(cfmpw cxlpw chgpw)) && $tokentype ne 'password' ) {
- DisplayError("That token cannot be used to change your password.");
- Token::Cancel($::token, "user tried to use token to change password");
- exit;
+ Token::Cancel($::token, "wrong_token_for_changing_passwd");
+ ThrowUserError("wrong_token_for_changing_passwd");
}
if ( ($::action eq 'cxlem')
&& (($tokentype ne 'emailold') && ($tokentype ne 'emailnew')) ) {
- DisplayError("That token cannot be used to cancel an email address change.");
- Token::Cancel($::token,
- "user tried to use token to cancel email address change");
- exit;
+ Token::Cancel($::token, "wrong_token_for_cancelling_email_change");
+ ThrowUserError("wrong_token_for_cancelling_email_change");
}
if ( grep($::action eq $_ , qw(cfmem chgem))
&& ($tokentype ne 'emailnew') ) {
- DisplayError("That token cannot be used to change your email address.");
- Token::Cancel($::token,
- "user tried to use token to confirm email address change");
- exit;
+ Token::Cancel($::token, "wrong_token_for_confirming_email_change");
+ ThrowUserError("wrong_token_for_confirming_email_change");
}
}
@@ -104,8 +94,7 @@ if ($::FORM{'t'}) {
# their login name and it exists in the database.
if ( $::action eq 'reqpw' ) {
defined $::FORM{'loginname'}
- || DisplayError("You must enter a login name when requesting to change your password.")
- && exit;
+ || ThrowUserError("login_needed_for_password_change");
# Make sure the login name looks like an email address. This function
# displays its own error and stops execution if the login name looks wrong.
@@ -114,8 +103,7 @@ if ( $::action eq 'reqpw' ) {
my $quotedloginname = SqlQuote($::FORM{'loginname'});
SendSQL("SELECT userid FROM profiles WHERE login_name = $quotedloginname");
FetchSQLData()
- || DisplayError("There is no Bugzilla account with that login name.")
- && exit;
+ || ThrowUserError("account_inexistent");
}
# If the user is changing their password, make sure they submitted a new
@@ -123,8 +111,7 @@ if ( $::action eq 'reqpw' ) {
if ( $::action eq 'chgpw' ) {
defined $::FORM{'password'}
&& defined $::FORM{'matchpassword'}
- || DisplayError("You cannot change your password without submitting a new one.")
- && exit;
+ || ThrowUserError("require_new_password");
my $passworderror = ValidatePassword($::FORM{'password'}, $::FORM{'matchpassword'});
if ( $passworderror ) {
@@ -159,7 +146,7 @@ if ($::action eq 'reqpw') {
# If the action that the user wants to take (specified in the "a" form field)
# is none of the above listed actions, display an error telling the user
# that we do not understand what they would like to do.
- DisplayError("I could not figure out what you wanted to do.");
+ ThrowCodeError("unknown_action");
}
exit;
@@ -187,9 +174,8 @@ sub confirmChangePassword {
}
sub cancelChangePassword {
- Token::Cancel($::token, "user requested cancellation");
-
$vars->{'message'} = "password_change_canceled";
+ Token::Cancel($::token, $vars->{'message'});
print "Content-Type: text/html\n\n";
$template->process("global/message.html.tmpl", $vars)
@@ -244,15 +230,14 @@ sub changeEmail {
# Check the user entered the correct old email address
if($::FORM{'email'} ne $old_email) {
- DisplayError("Email Address confirmation failed");
- exit;
+ ThrowUserError("email_confirmation_failed");
}
# The new email address should be available as this was
# confirmed initially so cancel token if it is not still available
if (! ValidateNewUser($new_email,$old_email)) {
- DisplayError("Account $new_email already exists.");
- Token::Cancel($::token,"Account $new_email already exists.");
- exit;
+ $vars->{'email'} = $new_email;
+ Token::Cancel($::token,"account_exists");
+ ThrowUserError("account_exists");
}
# Update the user's login name in the profiles table and delete the token
@@ -286,8 +271,7 @@ sub cancelChangeEmail {
my ($old_email, $new_email) = split(/:/,$eventdata);
if($tokentype eq "emailold") {
- $vars->{'message'} = "The request to change the email address " .
- "for your account to $new_email has been cancelled.";
+ $vars->{'message'} = "emailold_change_cancelled";
SendSQL("SELECT login_name FROM profiles WHERE userid = $userid");
my $actualemail = FetchSQLData();
@@ -302,14 +286,15 @@ sub cancelChangeEmail {
WHERE userid = $userid");
SendSQL("UNLOCK TABLES");
DeriveGroup($userid);
- $vars->{'message'} .=
- " Your old account settings have been reinstated.";
+ $vars->{'message'} = "email_change_cancelled_reinstated";
}
}
else {
- $vars->{'message'} = "The request to change the email address " .
- "for the $old_email account to $new_email has been cancelled.";
- }
+ $vars->{'message'} = 'email_change_cancelled'
+ }
+
+ $vars->{'old_email'} = $old_email;
+ $vars->{'new_email'} = $new_email;
Token::Cancel($::token, $vars->{'message'});
SendSQL("LOCK TABLES tokens WRITE");
@@ -321,8 +306,6 @@ sub cancelChangeEmail {
# Return HTTP response headers.
print "Content-Type: text/html\n\n";
- $vars->{'title'} = "Cancel Request to Change Email Address";
-
$template->process("global/message.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
}