#!/opt/ruby/bin/ruby require "cgi" require "erb" require "ofwd-accounts.rb" require "ofwd-erb.rb" puts "Content-type: text/html\n\n" cgi = CGI.new http_param = cgi.params view = OfwdView.new case http_param['action'].to_s #when 'create' # htmloutput = view.account_create_start #when 'register' # account = OfwdAccount.new # creation_request_valid = false # username = http_param['username'].to_s # email = http_param['email'].to_s # newpassword = http_param['newpassword'].to_s # repeatpassword = http_param['repeatpassword'].to_s # policies_accepted = http_param['policies'].to_s # if username.length > 0 and newpassword.length > 0 and repeatpassword.length > 0 and email.length > 0 then # if policies_accepted == "yes" then # if account.sanitize_username(username) then # if account.check_username_availability(username)then # if account.sanitize_email(email)then # if account.sanitize_password(newpassword) then # if newpassword == repeatpassword then # creation_request_valid = true # else # error_message = "Passwords do not match" # end # else # error_message = "Invalid password." # end # else # error_message = "Invalid email address." # end # else # error_message = "That username is not available" # end # else # error_message = "Invalid username" # end # else # error_message = "You must agree to the Terms of Service and Policies to create an account" # end # else # error_message = "Please fill out all fields" # end # if creation_request_valid then # webdavurl = username.downcase # account.create_account(username, email, newpassword) # htmloutput = view.account_create_success(username, email, webdavurl) # else # htmloutput = view.account_create_failure(error_message) # end # account.destroy #when 'verify' # key_verify_valid = false # account = OfwdAccount.new # verify_key = http_param['key'].to_s # if account.verify_account(verify_key) then # key_verify_valid = true # end # if key_verify_valid == true then # htmloutput = view.account_verify_success # else # htmloutput = view.account_verify_failure # end # account.destroy when 'reset' account = OfwdAccount.new reset_request_valid = false username = http_param['username'].to_s if account.sanitize_username(username) then if account.verify_username(username) then reset_request_valid = true end end if reset_request_valid then newpassword = account.generate_password account.change_password(username, newpassword) recipient = account.get_email(username) account.send_password_reset_mail(recipient, newpassword) htmloutput = view.reset_password_success else htmloutput = view.reset_password_failure end account.destroy when 'change' account = OfwdAccount.new change_request_valid = false username = http_param['username'].to_s currentpassword = http_param['currentpassword'].to_s newpassword = http_param['newpassword'].to_s repeatpassword = http_param['repeatpassword'].to_s if username.length > 0 and currentpassword.length > 0 and newpassword.length > 0 and repeatpassword.length > 0 then if account.sanitize_username(username) and account.sanitize_password(currentpassword) then if account.verify_username(username) and account.authenticate(username,currentpassword) then if account.sanitize_password(newpassword) and account.sanitize_password(repeatpassword) then if newpassword == repeatpassword then change_request_valid = true else error_message = "The password you entered in the New Password Field does not match the password you entered in the Repeat Password field." end else error_message = "New password is not valid." end else error_message = "Username and/or current password incorrect." end else error_message = "Bad username or password." end else error_message = "Please fill out all fields" end if change_request_valid then account.change_password(username, newpassword) htmloutput = view.change_password_success else htmloutput = view.change_password_failure(error_message) end account.destroy else htmloutput = view.show_default end rhtml = ERB.new(htmloutput) rhtml.run