# generate new password
my $pwd = '';
my $allowed = '2345679ACDEFGHIJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
- for my $i (0..7){
- $pwd .= substr($allowed, POSIX::floor(rand(72)), 1);
+ # we dont want uppercase-only passwords
+ while($pwd =~ /^[A-Z]*$/){
+ $pwd = '';
+ for my $i (0..7){
+ $pwd .= substr($allowed, POSIX::floor(rand(72)), 1);
+ }
}
my $qpwd = $self->{-dbh}->quote($pwd);
REALNAME => $name,
LOGIN => $login,
EMAIL => $email,
- PASSWORD => $pwd,
+ PASSWORD => crypt($pwd,'5g'),
LANGUAGE => $lang,
});
$self->commit();
- my $mail = "From: registration\@aymargeddon.de\nTo: $name <$email>\n"
- . "Subject: ".$self->loc('REGISTER_MAIL_SUBJECT')."\n\n"
- . $self->loc('REGISTER_MAIL_TEXT', $name, $login, $pwd)."\n";
-
- # print $mail;
-
- open(SENDMAIL, "|mail $email") or Util::log("Can't fork for sendmail: $!",0);
- print SENDMAIL $mail;
- close(SENDMAIL) or Util::log("sendmail didn't close nicely",0);
-
+ use Mail::Mailer;
+
+ my $mailer = Mail::Mailer->new();
+
+ $mailer->open({ From => 'benni@aymargeddon.de',
+ To => "$name <$email>",
+ Subject => $self->loc('REGISTER_MAIL_SUBJECT'),
+ })
+ or Util::log("can't send registration mail to $email: $!\n");
+ print $mailer $self->loc('REGISTER_MAIL_TEXT', $name, $login, $pwd);
+ $mailer->close();
+
return $pwd;
}
# you can log into any account with adminpassword
my ($adminpwd) = $self->single_select("SELECT PASSWORD FROM PLAYER ".
"WHERE LOGIN=$admin");
+ $pwd = crypt($pwd,'5g');
+ $adminpwd = crypt($adminpwd,'5g');
($user,$pwd,$adminpwd) = $self->quote_all($user,$pwd,$adminpwd);
-
- Util::log("Adminpassword: $adminpwd, password: $pwd",2);
+ # Util::log("Adminpassword: $adminpwd, password: $pwd",2);
my ($player, $sec);
if($adminpwd eq $pwd){
if($player){
if($pwd2 and $pwd3 and $pwd2 eq $pwd3){
- # change password!
- $self->update_hash('PLAYER',
+ # change password!
+ $pwd2 = crypt($pwd2,'5g');
+ $self->update_hash('PLAYER',
"LOGIN=$user",
{'PASSWORD' => $pwd2});
- Util::log("password changed!",0); # todo: localize and aufhübschen
+ Util::log("password changed for player $player!",0);
}
+ # TODO? error if passwords did not match
# TODO: write last_login
return $player;
}