author | gerv%gerv.net <> | 2002-09-30 16:22:39 +0200 |
---|---|---|
committer | gerv%gerv.net <> | 2002-09-30 16:22:39 +0200 |
commit | 89859e7d92395e44357f0baf94b6911eecbdabd1 (patch) | |
tree | 2ed43ec6b5916b77d11ef3d75de5eeff09355e69 | |
parent | 60df4e0a216d538ffc39cbb58c470261f3bf2af2 (diff) | |
Bug 164038 - token.cgi: Cancel token messages should be moved into the templates. Patch by burnus; r=gerv.
-rw-r--r-- | Bugzilla/Token.pm | 3 | ||||
-rw-r--r-- | Token.pm | 3 | ||||
-rw-r--r-- | template/en/default/account/cancel-token.txt.tmpl | 44 | ||||
-rw-r--r-- | template/en/default/global/code-error.html.tmpl | 9 | ||||
-rw-r--r-- | template/en/default/global/messages.html.tmpl | 17 | ||||
-rw-r--r-- | template/en/default/global/user-error.html.tmpl | 40 | ||||
-rwxr-xr-x | token.cgi | 67 |
7 files changed, 134 insertions, 49 deletions
diff --git a/Bugzilla/Token.pm b/Bugzilla/Token.pm
index a2604b0f5..ea1e51606 100644
--- a/Bugzilla/Token.pm
+++ b/Bugzilla/Token.pm
@@ -176,8 +176,7 @@ sub GenerateUniqueToken {
 ++$tries;
 if ($tries > 100) {
- &::DisplayError("Something is seriously wrong with the token generation system.");
- exit;
+ &::ThrowCodeError("token_generation_error");
 }
 $token = &::GenerateRandomPassword();
@@ -176,8 +176,7 @@ sub GenerateUniqueToken {
 ++$tries;
 if ($tries > 100) {
- &::DisplayError("Something is seriously wrong with the token generation system.");
- exit;
+ &::ThrowCodeError("token_generation_error");
 }
 $token = &::GenerateRandomPassword();
diff --git a/template/en/default/account/cancel-token.txt.tmpl b/template/en/default/account/cancel-token.txt.tmpl
index b37d0da2d..b1545f6d3 100644
--- a/template/en/default/account/cancel-token.txt.tmpl
+++ b/template/en/default/account/cancel-token.txt.tmpl
@@ -17,6 +17,7 @@
 # Rights Reserved.
 #
 # Contributor(s): John Vandenberg <zeroj@null.net>
+ # Tobias Burnus <burnus@net-b.de>
 #%]
 From: bugzilla-admin-daemon
 To: [% emailaddress %]
@@ -34,6 +35,47 @@ to [% maintainer %] if you suspect foul play.
 User: [% emailaddress %]
 Issue Date: [% issuedate %]
 Event Data: [% eventdata %]
-Cancelled Because: [% cancelaction %]
+Cancelled Because:
+[% PROCESS cancelactionmessage %]
+[% BLOCK cancelactionmessage %]
+ [% IF cancelaction == 'account_exists' %]
+ Account [% email %] already exists.
+ [% ELSIF cancelaction == 'email_change_cancelled' %]
+ The request to change the email address for the
+ [% old_email %] account to [% new_email %]
+ has been cancelled.
+
+ [% ELSIF cancelaction == 'email_change_cancelled_reinstated' %]
+ The request to change the email address for your account to
+ [% new_email %] has been cancelled. Your old account
+ settings have been reinstated.
+
+ [% ELSIF cancelaction == 'emailold_change_cancelled' %]
+ The request to change the email address for your account
+ to [% new_email %] has been cancelled.
+
+ [% ELSIF cancelaction == 'password_change_canceled' %]
+ The user requested cancellation.
+
+ [% ELSIF cancelaction == 'wrong_token_for_changing_passwd' %]
+ The user tried to use the token to change the password.
+
+ [% ELSIF cancelaction == 'wrong_token_for_cancelling_email_change' %]
+ The user tried to use the token to cancel the email address change.
+
+ [% ELSIF cancelaction == 'wrong_token_for_confirming_email_change' %]
+ The user tried to use the token to confirm the email address change.
+
+ [% ELSE %]
+ [%# Give sensible error if the cancel-token function is used incorrectly.
+ #%]
+ You are using Bugzilla's cancel-token function incorrectly. You
+ passed in the string '[% cancelaction %]'. The correct use is to pass
+ in a tag, and define that tag in the file cancel-token.txt.tmpl.
+
+ If you are a Bugzilla end-user seeing this message, please forward this
+ email to [% Param('maintainer') %].
+ [% END %]
+[% END %]
diff --git a/template/en/default/global/code-error.html.tmpl b/template/en/default/global/code-error.html.tmpl
index dbe4a1732..0f767ded8 100644
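Review bot: The `ELSE` branch of the new `cancelactionmessage` block in cancel-token.txt.tmpl addresses the maintainer as `[% Param('maintainer') %]`, while the existing text of this template uses `[% maintainer %]` (visible on the hunk header line). Use one form throughout, so the fallback text cannot render an empty address if only one of the two is populated when this mail is built. Which of them Token.pm provides is not visible in this commit.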
--- a/template/en/default/global/code-error.html.tmpl
+++ b/template/en/default/global/code-error.html.tmpl
@@ -127,6 +127,9 @@
 [% ELSIF error == "request_queue_group_invalid" %]
 The group field <em>[% group FILTER html %]</em> is invalid.
+ [% ELSIF error == "token_generation_error" %]
+ Something is seriously wrong with the token generation system.
+
 [% ELSIF error == "template_error" %]
 [% template_error_msg %]
@@ -134,7 +137,11 @@
 [% field FILTER html %] was not defined; [% Param('browserbugmessage') %]
 [% ELSIF error == "unknown_action" %]
- Unknown action [% action FILTER html %]!
+ [% IF action %]
+ Unknown action [% action FILTER html %]!
+ [% ELSE %]
+ I could not figure out what you wanted to do.
+ [% END %]
 [% ELSIF error == "unknown_component" %]
 [% title = "Unknown Component" %]
diff --git a/template/en/default/global/messages.html.tmpl b/template/en/default/global/messages.html.tmpl
index 85c678fdc..482f7e35f 100644
--- a/template/en/default/global/messages.html.tmpl
+++ b/template/en/default/global/messages.html.tmpl
@@ -56,6 +56,23 @@
 [% title = "Change columns" %]
 Resubmitting your query with new columns...
+ [% ELSIF message_tag == "emailold_change_cancelled" %]
+ [% title = "Cancel Request to Change Email Address" %]
+ The request to change the email address for your account to
+ [% new_email FILTER html %] has been cancelled.
+
+ [% ELSIF message_tag == "email_change_cancelled" %]
+ [% title = "Cancel Request to Change Email Address" %]
+ The request to change the email address for the
+ [% old_email FILTER html %] account to
+ [% new_email FILTER html %] has been cancelled.
+
+ [% ELSIF message_tag == "email_change_cancelled_reinstated" %]
+ [% title = "Cancel Request to Change Email Address" %]
+ The request to change the email address for the
+ [% old_email %] account to [% new_email %] has been cancelled.
+ Your old account settings have been reinstated.
+
 [% ELSIF message_tag == "logged_out" %]
 [% title = "Logged Out" %]
 [% url = "query.cgi?GoAheadAndLogIn=1" %]
diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl
index 593c8bede..10c50cc9e 100644
--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -48,8 +48,17 @@
 [% ELSIF error == "account_exists" %]
 [% title = "Account Already Exists" %]
- That account already exists.
+ There is already an account with
+ [% IF email %]
+ the login name [% email FILTER html %].
+ [% ELSE %]
+ that login name.
+ [% END %]
+ [% ELSIF error == "account_inexistent" %]
+ [% title = "Account Does Not Exist" %]
+ There is no Bugzilla account with that login name.
+
 [% ELSIF error == "alias_has_comma_or_space" %]
 [% title = "Invalid Characters In Alias" %]
 The alias you entered, <em>[% alias FILTER html %]</em>,
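Review bot: In the messages.html.tmpl hunk, the new `email_change_cancelled_reinstated` branch prints `[% old_email %]` and `[% new_email %]` without `FILTER html`, while the two sibling branches added just above it filter both values. token.cgi fills them from the token's event data (`split(/:/,$eventdata)`), presumably addresses a user supplied, so this HTML page should escape them the same way. The line should read `[% old_email FILTER html %] account to [% new_email FILTER html %] has been cancelled.`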
@@ -134,6 +143,10 @@
 really make sense to mark a bug as a duplicate of itself, does it?
+ [% ELSIF error == "email_confirmation_failed" %]
+ [% title = "Email Address Email Address Confirmation Failed" %]
+ Email address confirmation failed.
+
 [% ELSIF error == "file_not_specified" %]
 [% title = "No File Specified" %]
 You did not specify a file to attach.
@@ -259,6 +272,10 @@
 [% title = "Invalid Username Or Password" %]
 The username or password you entered is not valid.
+ [% ELSIF error == "login_needed_for_password_change" %]
+ [% title = "Login Name Required" %]
+ You must enter a login name when requesting to change your password.
+
 [% ELSIF error == "milestone_required" %]
 [% title = "Milestone Required" %]
 You must determine a target milestone for bug [% bug_id %]
@@ -366,6 +383,15 @@
 100 users. Enter more of the name to bring the number of matches down to a reasonable amount.
+ [% ELSIF error == "require_new_password" %]
+ [% title = "New Password Needed" %]
+ You cannot change your password without submitting a new one.
+
+ [% ELSIF error == "token_inexistent" %]
+ [% title = "Token Does Not Exist" %]
+ The token you submitted does not exist, has expired, or has
+ been cancelled.
+
 [% ELSIF error == "unknown_keyword" %]
 [% title = "Unknown Keyword" %]
 <code>[% keyword FILTER html %]</code> is not a known keyword.
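Review bot: The title added for `email_confirmation_failed` in the first user-error.html.tmpl hunk here repeats two words: `[% title = "Email Address Email Address Confirmation Failed" %]`. It should read `[% title = "Email Address Confirmation Failed" %]`.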
@@ -375,6 +401,18 @@
 [% title = "Unknown Tab" %]
 <code>[% current_tab_name FILTER html %]</code> is not a legal tab name.
+ [% ELSIF error == "wrong_token_for_cancelling_email_change" %]
+ [% title = "Wrong Token" %]
+ That token cannot be used to cancel an email address change.
+
+ [% ELSIF error == "wrong_token_for_changing_passwd" %]
+ [% title = "Wrong Token" %]
+ That token cannot be used to change your password.
+
+ [% ELSIF error == "wrong_token_for_confirming_email_change" %]
+ [% title = "Wrong Token" %]
+ That token cannot be used to change your email address.
+
 [% ELSIF error == "zero_length_file" %]
 [% title = "File Is Empty" %]
 The file you are trying to attach is empty!
@@ -48,9 +48,7 @@ use Token;
 # Throw an error if the form does not contain an "action" field specifying
 # what the user wants to do.
-$::FORM{'a'}
- || DisplayError("I could not figure out what you wanted to do.")
- && exit;
+$::FORM{'a'} || ThrowCodeError("unknown_action");
 # Assign the action to a global variable.
 $::action = $::FORM{'a'};
@@ -65,8 +63,7 @@ if ($::FORM{'t'}) {
 # Make sure the token contains only valid characters in the right amount.
 my $validationerror = ValidatePassword($::token);
 if ($validationerror) {
- DisplayError('The token you entered is invalid.');
- exit;
+ ThrowUserError("token_invalid");
 }
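Review bot: `ThrowUserError("token_invalid")` in the `if ($validationerror)` hunk of token.cgi uses a tag that none of the user-error.html.tmpl hunks in this commit define; they add `token_inexistent` and the three `wrong_token_for_*` tags only. Unless `token_invalid` already exists in that template, a malformed token will get whatever the template prints for an unknown tag instead of the old "The token you entered is invalid." text. Add a branch `[% ELSIF error == "token_invalid" %]` with a title and the line `The token you entered is invalid.` to user-error.html.tmpl. The enclosing `if ($::FORM{'t'})` block continues outside the hunk.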
@@ -74,29 +71,22 @@ if ($::FORM{'t'}) {
 # Make sure the token exists in the database.
 SendSQL( "SELECT tokentype FROM tokens WHERE token = $::quotedtoken" );
- (my $tokentype = FetchSQLData())
- || DisplayError("The token you submitted does not exist, has expired, or has been cancelled.")
- && exit;
+ (my $tokentype = FetchSQLData()) || ThrowUserError("token_inexistent");
 # Make sure the token is the correct type for the action being taken.
 if ( grep($::action eq $_ , qw(cfmpw cxlpw chgpw)) && $tokentype ne 'password' ) {
- DisplayError("That token cannot be used to change your password.");
- Token::Cancel($::token, "user tried to use token to change password");
- exit;
+ Token::Cancel($::token, "wrong_token_for_changing_passwd");
+ ThrowUserError("wrong_token_for_changing_passwd");
 }
 if ( ($::action eq 'cxlem') && (($tokentype ne 'emailold') && ($tokentype ne 'emailnew')) ) {
- DisplayError("That token cannot be used to cancel an email address change.");
- Token::Cancel($::token,
- "user tried to use token to cancel email address change");
- exit;
+ Token::Cancel($::token, "wrong_token_for_cancelling_email_change");
+ ThrowUserError("wrong_token_for_cancelling_email_change");
 }
 if ( grep($::action eq $_ , qw(cfmem chgem)) && ($tokentype ne 'emailnew') ) {
- DisplayError("That token cannot be used to change your email address.");
- Token::Cancel($::token,
- "user tried to use token to confirm email address change");
- exit;
+ Token::Cancel($::token, "wrong_token_for_confirming_email_change");
+ ThrowUserError("wrong_token_for_confirming_email_change");
 }
 }
@@ -104,8 +94,7 @@ if ($::FORM{'t'}) {
 # their login name and it exists in the database.
 if ( $::action eq 'reqpw' ) {
 defined $::FORM{'loginname'}
- || DisplayError("You must enter a login name when requesting to change your password.")
- && exit;
+ || ThrowUserError("login_needed_for_password_change");
 # Make sure the login name looks like an email address. This function
 # displays its own error and stops execution if the login name looks wrong.
@@ -114,8 +103,7 @@ if ( $::action eq 'reqpw' ) {
 my $quotedloginname = SqlQuote($::FORM{'loginname'});
 SendSQL("SELECT userid FROM profiles WHERE login_name = $quotedloginname");
 FetchSQLData()
- || DisplayError("There is no Bugzilla account with that login name.")
- && exit;
+ || ThrowUserError("account_inexistent");
 }
 # If the user is changing their password, make sure they submitted a new
@@ -123,8 +111,7 @@ if ( $::action eq 'reqpw' ) {
 if ( $::action eq 'chgpw' ) {
 defined $::FORM{'password'} && defined $::FORM{'matchpassword'}
- || DisplayError("You cannot change your password without submitting a new one.")
- && exit;
+ || ThrowUserError("require_new_password");
 my $passworderror = ValidatePassword($::FORM{'password'}, $::FORM{'matchpassword'});
 if ( $passworderror ) {
@@ -159,7 +146,7 @@ if ($::action eq 'reqpw') {
 # If the action that the user wants to take (specified in the "a" form field)
 # is none of the above listed actions, display an error telling the user
 # that we do not understand what they would like to do.
- DisplayError("I could not figure out what you wanted to do.");
+ ThrowCodeError("unknown_action");
 }
 exit;
@@ -187,9 +174,8 @@ sub confirmChangePassword {
 }
 sub cancelChangePassword {
- Token::Cancel($::token, "user requested cancellation");
-
 $vars->{'message'} = "password_change_canceled";
+ Token::Cancel($::token, $vars->{'message'});
 print "Content-Type: text/html\n\n";
 $template->process("global/message.html.tmpl", $vars)
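Review bot: The `reqpw` check at `FetchSQLData() || ThrowUserError("account_inexistent")` still answers a password-reset request for an unknown login with a distinct "no Bugzilla account" page, so anyone who can reach token.cgi can test whether an address is registered. Since these messages are being reworked anyway, consider showing the same confirmation page whether or not the login exists and recording the miss server-side instead. Whether that matters depends on how public the user list already is on a given installation.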
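Review bot: Neither `ThrowCodeError("unknown_action")` call in token.cgi (the final `else` here and the `$::FORM{'a'} ||` check earlier) sets `$vars->{'action'}`, so the `[% IF action %]` branch added to code-error.html.tmpl cannot be reached from this script. In the final `else` the value is known; add `$vars->{'action'} = $::action;` before the throw so the page names the rejected action (the template already applies `FILTER html` to it). This assumes ThrowCodeError renders with the global `$vars`, which is not visible in these hunks.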
@@ -244,15 +230,14 @@ sub changeEmail {
 # Check the user entered the correct old email address
 if($::FORM{'email'} ne $old_email) {
- DisplayError("Email Address confirmation failed");
- exit;
+ ThrowUserError("email_confirmation_failed");
 }
 # The new email address should be available as this was
 # confirmed initially so cancel token if it is not still available
 if (! ValidateNewUser($new_email,$old_email)) {
- DisplayError("Account $new_email already exists.");
- Token::Cancel($::token,"Account $new_email already exists.");
- exit;
+ $vars->{'email'} = $new_email;
+ Token::Cancel($::token,"account_exists");
+ ThrowUserError("account_exists");
 }
 # Update the user's login name in the profiles table and delete the token
@@ -286,8 +271,7 @@ sub cancelChangeEmail {
 my ($old_email, $new_email) = split(/:/,$eventdata);
 if($tokentype eq "emailold") {
- $vars->{'message'} = "The request to change the email address " .
- "for your account to $new_email has been cancelled.";
+ $vars->{'message'} = "emailold_change_cancelled";
 SendSQL("SELECT login_name FROM profiles WHERE userid = $userid");
 my $actualemail = FetchSQLData();
@@ -302,14 +286,15 @@ sub cancelChangeEmail {
 WHERE userid = $userid");
 SendSQL("UNLOCK TABLES");
 DeriveGroup($userid);
- $vars->{'message'} .=
- " Your old account settings have been reinstated.";
+ $vars->{'message'} = "email_change_cancelled_reinstated";
 }
 } else {
- $vars->{'message'} = "The request to change the email address " .
- "for the $old_email account to $new_email has been cancelled.";
- }
+ $vars->{'message'} = 'email_change_cancelled'
+ }
+
+ $vars->{'old_email'} = $old_email;
+ $vars->{'new_email'} = $new_email;
 Token::Cancel($::token, $vars->{'message'});
 SendSQL("LOCK TABLES tokens WRITE");
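Review bot: In the last cancelChangeEmail hunk, `$vars->{'message'} = 'email_change_cancelled'` has no terminating semicolon and parses only because it is the last statement in its block; the closing brace after it is removed and re-added, which suggests an unintended indentation change. Write `$vars->{'message'} = "email_change_cancelled";` to match the two sibling assignments. The value is now both the page's message tag and the cancel action passed to `Token::Cancel`, so a comment above that call would help, e.g. `# The message tag doubles as the cancel-action tag; define it in both templates.` The function body continues outside the hunk.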
@@ -321,8 +306,6 @@ sub cancelChangeEmail {
 # Return HTTP response headers.
 print "Content-Type: text/html\n\n";
- $vars->{'title'} = "Cancel Request to Change Email Address";
-
 $template->process("global/message.html.tmpl", $vars)
 || ThrowTemplateError($template->error());
 }
|