Odyssey
hcuProfilePwd.prg
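<?php
/*
 * File: hcuProfilePwd
 *
 * Purpose: Handle the client-side updating of the user's password info.
 *
 * Security note: the password rules evaluated by this page's JavaScript are a
 * usability aid only; they run in the browser and can be bypassed. The save
 * request is posted to hcuProfile.data, which has to enforce the same rules.
 */

// ** SET SCRIPT LEVEL VARIABLES
$serviceShowInfo = true;
$serviceLoadMenu = true;
$serviceShowMenu = true;

// ** INCLUDE MAIN GLOBAL SCRIPT -- Handles security / global variable values
require_once(dirname(__FILE__) . '/../library/hcuService.i');

/*
 * ** CHECK USER FEATURE PERMISSIONS **
 * NOTE: DOES NOT RETURN ON FAILURE
 */
PermCheckFeatureScreen($dbh, $HB_ENV, $MC, FEATURE_BASIC);

// ** INSERT BUSINESS LOGIC FOR THIS FORM


// ** SET VARIABLES FOR WEBSITE FLAGS

// ** INCLUDE PRE CONTENT SCRIPT
require_once(dirname(__FILE__) . '/../includes/hcuPreContent.i');

/*
 * ** START CONTENT
 */
// allowed special characters (this needs to also match in hucProfile.data and hcuProfileRequire)
$specialCharacters = Get_PwdSpecialCharacters();

// read the password requirements, if any
$pwdConfigAry = Get_PwdRules( $dbh, $HB_ENV );

// flag if using password requirements (hard-coded on, so the "{}" fallback is
// only reached if this flag is ever changed or the encode below fails)
$hasPwdRequirements = 1;
$pwdConfigJSON = $hasPwdRequirements ? json_encode( $pwdConfigAry ) : "{}";
if ( $pwdConfigJSON === false ) {
    // json_encode() failed; emit an empty object so the inline script stays valid JavaScript
    $pwdConfigJSON = "{}";
}

// Display text per rule, in display order:
// array( singular message key, plural message key, trailing HTML )
$pwdRuleLabels = array(
    "len"    => array( "Character", "Characters", "" ),
    "upper"  => array( "UPPER letter", "UPPER letters", "" ),
    "lower"  => array( "lower letter", "lower letters", "" ),
    // there is always only "1" letter, since that is a legacy default
    "letter" => array( "Letter", "Letter", "" ),
    "spec"   => array( "Special character", "Special characters", " <span class='fa fa-question-circle-o' style='color: #333' id='specialTip'></span>" ),
    "digit"  => array( "Number", "Numbers", "" ),
);

// set up the messages regarding what is being checked
$pwdRequirements = array();
foreach ( $pwdRuleLabels as $pwdRuleKey => $pwdRuleLabel ) {
    if ( HCU_array_key_value( $pwdRuleKey, $pwdConfigAry ) > 0 ) {
        // The count is printed into the page without HTML escaping further down,
        // so force it to an integer here.
        $pwdRuleCount = (int) $pwdConfigAry[$pwdRuleKey];
        $text = $MC->msg( ( $pwdRuleCount > 1 ) ? $pwdRuleLabel[1] : $pwdRuleLabel[0], HCU_DISPLAY_AS_HTML );
        $pwdRequirements[] = array( "which" => $pwdRuleKey, "text" => "{$pwdRuleCount} {$text}{$pwdRuleLabel[2]}" );
    }
}

// figure out the password help doc
$pwdHelpAry = Get_NoticeInfo($dbh, $HB_ENV, $MC, "D", "pwdRules", FALSE);
$pwdHelpURL = "";

if ( $pwdHelpAry["status"]["code"] == "000" && HCU_array_key_exists('0', $pwdHelpAry["notice"]) && HCU_array_key_exists('notice_id', $pwdHelpAry["notice"][0]) ) {
    $noticeOption = $pwdHelpAry['notice'][0];

    $noticeOptions = Array (
        'docsid' => $noticeOption['notice_id'],
        'docstype' => $noticeOption['notice_type'],
        'device' => 'D',
        'noticeOnly' => '1',
        // 86400 seconds = 24 hours from now. time() replaces the argument-less
        // mktime(), which returns the same value on old PHP but is rejected by PHP 8.
        'expireTime' => time() + 86400
    );

    // NOTE(review): this reads $HB_ENV['Cu'] while the URL below reads $HB_ENV['cu'];
    // confirm both keys exist and which one HCU_PayloadEncode expects.
    $encryptedDocDetails= HCU_PayloadEncode($HB_ENV['Cu'], $noticeOptions);

    // build the url encoded string; every query value is encoded, including cu
    $pwdHelpURL = $HB_ENV['homebankingpath'] . '/hcuViewNotice.prg?cu=' . urlencode($HB_ENV['cu']) . '&x=' . urlencode($encryptedDocDetails);
}

?>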
98 <script type="text/javascript">
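/**
 * Client-side check of the change-password form.
 *
 * Runs the shared homecuValidator rules, then checks the new password against
 * the counts in the page-level pwdRequirements object and the characters in
 * pwdSpecial. A failure is reported through the validator's message area.
 * This is a convenience check only; the server decides what is accepted.
 *
 * @returns {boolean} true when both the validator and the rule checks pass
 */
function validateForm() {
    // this will validate the current password limit
    var formValid = $.homecuValidator.validate();

    // this will validate the new/confirm password limits
    var testVal = $("#profilePasswordNew1").val();

    // true when testVal holds at least `count` characters matching charClass
    function hasAtLeast(charClass, count) {
        return RegExp("(" + charClass + ".*){" + count + "}").test(testVal);
    }

    // a rule with no positive count is not enforced
    function ruleOk(which, passed) {
        return !(pwdRequirements[which] > 0) || passed;
    }

    var testLength = testVal.length >= pwdRequirements['len'];
    var testUpper = hasAtLeast("[A-Z]", pwdRequirements['upper']);
    var testLower = hasAtLeast("[a-z]", pwdRequirements['lower']);
    var testDigit = hasAtLeast("\\d", pwdRequirements['digit']);

    // Build a character class from the allowed specials. They are joined with
    // an empty string: joining with "|" would put a literal pipe inside the
    // class and count "|" as an allowed special character.
    var specialClass = pwdSpecial.join("").replace(/[-\/\\^$*+?.()|[\]{}]/g, '\\$&');
    var testSpecial = hasAtLeast("[" + specialClass + "]", pwdRequirements['spec']);

    var testLetter = testUpper && testLower;

    var testStepThree = ruleOk('len', testLength) &&
        ruleOk('upper', testUpper) &&
        ruleOk('lower', testLower) &&
        ruleOk('digit', testDigit) &&
        ruleOk('spec', testSpecial) &&
        ruleOk('letter', testLetter);

    // Encoded with HCU_DISPLAY_AS_HTML, the same flag used for the input's
    // data-required-msg text, so that $.inArray below can find it in the error list.
    var stepThreeError = "<?php echo $MC->msg('New password requirements', HCU_DISPLAY_AS_HTML) ?>";
    var errors = $.homecuValidator.homecuKendoValidator.errors();

    // strip the first message if length is 0
    if (!testLength) {
        var index = $.inArray(stepThreeError, errors);
        if (index > -1) {
            errors.splice(index, 1);
        }
    }

    if (!testStepThree) {
        errors.push(stepThreeError);
        $.homecuValidator.displayMessage(errors, $.homecuValidator.settings.statusError);
    }

    return formValid && testStepThree;
}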
150 
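// Opens the password-rules help notice. The function body is empty when the
// server found no help document ($pwdHelpURL is then an empty string).
function show_help()
{
<?php
    // json_encode() writes the URL as a complete, escaped JavaScript string
    // literal, so a quote, backslash or "</script>" in the value cannot break
    // out of the string.
    if ( strlen( $pwdHelpURL ) > 0 ) {
?>
    ShowNotice( <?php echo json_encode( $pwdHelpURL ); ?> );
<?php
    }
?>
}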
161 
// Rule counts read by validateForm() and the keyup handler; $pwdConfigJSON is
// the JSON text built earlier in this file from Get_PwdRules().
var pwdRequirements = <?php echo $pwdConfigJSON; ?>;
// Allowed special characters as an array, split from the comma-separated list.
var pwdSpecial = <?php echo HCU_JsonEncode(explode(",", $specialCharacters )); ?>;
164  $(document).ready(function() {
165 
166  // status will be shown in the default info location
    // Show statusMessage in the default "formStatus" area, with no info title.
    function ShowStatus( statusMessage ) {
        var validator = $.homecuValidator;
        validator.settings.formStatusField = "formStatus";
        validator.settings.formInfoTitle = "";
        validator.displayMessage(statusMessage);
    }
172 
    // Clear the default "formStatus" area by displaying a null message.
    function ClearStatus( ) {
        var validator = $.homecuValidator;
        validator.settings.formStatusField = "formStatus";
        validator.settings.formInfoTitle = "";
        validator.displayMessage(null);
    }
178 
179  $("#btnUpdate").click( function() {
180  if ( validateForm() ) {
181  var request = {
182  action: "pwd_save",
183  old: $("#profilePasswordCurr").val(),
184  new1: $("#profilePasswordNew1").val(),
185  new2: $("#profilePasswordNew2").val(),
186  sawhints: "Y"
187  };
188 
189  // use AJAX to update because it is difficult to use the datasource for a simple POST command
190  $.ajax({
191  url: "hcuProfile.data?cu=<?php echo $HB_ENV["cu"] ?>",
192  type: "post",
193  data: request,
194  beforeSend: function( xhr ) {
195  ShowWaitWindow();
196  }
197  })
198  .done(function( data, textStatus, jqXHR ) {
199  if ( data && data.homecuErrors ) {
200  // show the error information
201  $.homecuValidator.displayMessage(data.homecuErrors, $.homecuValidator.settings.statusError);
202  } else {
203  if ( data && data.homecuInfo && (data.homecuInfo.message.length > 0) ) {
204  ShowStatus( data.homecuInfo.message );
205  }
206 
207 
208  // present the device key to the apps
209  if ( data.homecuData &&
210  data.homecuData.homecuKey &&
211  (data.homecuData.homecuKey.length > 0) ) {
212  var appInfo = JSON.stringify( { deviceKey: data.homecuData.homecuKey,
213  newPassword: $("#profilePasswordNew1").val() } );
214 
215  <?php if ( $HB_ENV["platform"] == "ADA" ) : ?>
216  AndroidController.notifyCommand("NEW_DEVICE_KEY", appInfo);
217  <?php elseif ( $HB_ENV["platform"] == "APP" ) : ?>
218  var postObject = {
219  body: {
220  cmd: "NEW_DEVICE_KEY",
221  params: appInfo
222  }
223  };
224  window.webkit.messageHandlers.interOp.postMessage(postObject);
225  <?php endif ?>
226  }
227 
228  // if no error, clear out the values
229  $("#profilePasswordCurr").val("");
230  $("#profilePasswordNew1").val("");
231  $("#profilePasswordNew2").val("");
232 
233  // if no error reset requirements list
234  $("#len .fa").removeClass("fa-check").addClass("fa-times");
235  $("#len").css("color", "red");
236  $("#upper .fa").removeClass("fa-check").addClass("fa-times");
237  $("#upper").css("color", "red");
238  $("#lower .fa").removeClass("fa-check").addClass("fa-times");
239  $("#lower").css("color", "red");
240  $("#letter .fa").removeClass("fa-check").addClass("fa-times");
241  $("#letter").css("color", "red");
242  $("#spec .fa:first").removeClass("fa-check").addClass("fa-times");
243  $("#spec").css("color", "red");
244  $("#digit .fa").removeClass("fa-check").addClass("fa-times");
245  $("#digit").css("color", "red");
246 
247  <?php
248  // let apps know we did an update to profile info
249  if ( $HB_ENV["platform"] == "APP" || $HB_ENV["platform"] == "ADA" ) {
250  $paramsForApps = array( "script" => "ProfilePwd" );
251  $paramsJSON = HCU_JsonEncode($paramsForApps);
252  ?>
253  var appInfo = '<?php echo $paramsJSON; ?>';
254 
255  <?php if ( $HB_ENV["platform"] == "ADA" ) : ?>
256  AndroidController.notifyCommand("PROFILE_UPDATE", appInfo);
257  <?php elseif ( $HB_ENV["platform"] == "APP" ) : ?>
258  var postObject = {
259  body: {
260  cmd: "PROFILE_UPDATE",
261  params: appInfo
262  }
263  };
264  window.webkit.messageHandlers.interOp.postMessage(postObject);
265  <?php endif ?>
266  <?php
267  }
268  ?>
269 
270 
271  }
272  })
273  .fail(function(jqXHR, textStatus, errorThrown) {
274  // show the error information
275  $.homecuValidator.displayMessage(textStatus, $.homecuValidator.settings.statusError);
276  })
277  .always(function(jqXHR, textStatus, errorThrown) {
278  // stop the progress bar
279  CloseWaitWindow();
280  });
281  }
282  });
283 
284  // set up some validation, using the default error location
    // Attach the shared validator to the form with id "formProfile".
    // Messages here use HCU_DISPLAY_AS_JS because they are written inside
    // JavaScript string literals (presumably it escapes for that context; verify in $MC->msg).
    $.homecuValidator.setup({formValidate: "formProfile",
        formErrorTitle: "<?php echo $MC->msg("Error Occurred", HCU_DISPLAY_AS_JS) ?>"});

    // Tooltip text keyed by the id of each help icon in the form.
    homecuTooltip.bind({
        reenterTip: "<?php echo $MC->msg("Tip Re-enter Password", HCU_DISPLAY_AS_JS); ?>",
        newTip1: "<?php echo $MC->msg( "New password requirements", HCU_DISPLAY_AS_JS ) . "<br />" . $MC->msg('Case Sensitive', HCU_DISPLAY_AS_JS); ?>",
        newTip2: "<?php echo $MC->msg("Enter NEW password again to confirm", HCU_DISPLAY_AS_JS); ?>"
    });
293 
    // Empty and hide the plain-text copy of the password, then show the masked input again.
    function revertPassword() {
        var revealBox = $("#showPasswordText");
        revealBox.val( "" );
        revealBox.css( "display", "none" );
        $("#profilePasswordNew1").css( "display", "inline" );
    }
299 
    // "Show" button: copy the new password into the plain-text field, swap the
    // two inputs, and let revertPassword() undo the swap after 1000 ms.
    $("#showPassword").click(function() {
        var maskedBox = $("#profilePasswordNew1");
        var revealBox = $("#showPasswordText");
        revealBox.val( maskedBox.val() );
        maskedBox.css( "display", "none" );
        revealBox.css( "display", "inline" );
        setTimeout(revertPassword, 1000);
    });
306 
307  <?php
308  if ( $hasPwdRequirements ) {
309  ?>
310 
311  homecuTooltip.bind({
312  specialTip: "<?php echo $MC->msg("Special characters allowed", HCU_DISPLAY_AS_JS); ?>: <?php echo implode( " ", explode( ",", $specialCharacters ) ); ?>"
313  });
314 
315  $("#profilePasswordNew1").keyup(function () {
316  // see which requirements are passing or failing
317  var testVal = $("#profilePasswordNew1").val();
318  var testLength = false;
319  var testUpper = false;
320  var testLower = false;
321  var testDigit = false;
322  var testSpeciel = false;
323  var testLetter = false;
324 
325  testLength = testVal.length >= pwdRequirements['len'];
326 
327  testUpper = RegExp("([A-Z].*){" + pwdRequirements['upper'] + "}");
328  testUpper = testUpper.test(testVal);
329 
330  testLower = RegExp("([a-z].*){" + pwdRequirements['lower'] + "}");
331  testLower = testLower.test(testVal);
332 
333  testDigit = RegExp("(\\d.*){" + pwdRequirements['digit'] + "}");
334  testDigit = testDigit.test(testVal);
335 
336  testSpecial = pwdSpecial.join("|");
337  testSpecial = testSpecial.replace(/[-\/\\^$*+?.()|[\]{}]/g, '\\$&');
338  testSpecial = RegExp("([" + testSpecial + "].*){" + pwdRequirements['spec'] + "}");
339  testSpecial = testSpecial.test(testVal);
340 
341  testLetter = testUpper && testLower;
342 
343  // test overal length requirement
344  if (pwdRequirements["len"] > 0) {
345  if ( testLength ) {
346  $("#len .fa").removeClass("fa-times").addClass("fa-check");
347  $("#len").css("color", "green");
348  } else {
349  $("#len .fa").removeClass("fa-check").addClass("fa-times");
350  $("#len").css("color", "red");
351  }
352  }
353 
354  if ( pwdRequirements["upper"] > 0 ) {
355  if ( testUpper ) {
356  $("#upper .fa").removeClass("fa-times").addClass("fa-check");
357  $("#upper").css("color", "green");
358  } else {
359  $("#upper .fa").removeClass("fa-check").addClass("fa-times");
360  $("#upper").css("color", "red");
361  }
362  }
363 
364  if ( pwdRequirements["lower"] > 0 ) {
365  if ( testLower ) {
366  $("#lower .fa").removeClass("fa-times").addClass("fa-check");
367  $("#lower").css("color", "green");
368  } else {
369  $("#lower .fa").removeClass("fa-check").addClass("fa-times");
370  $("#lower").css("color", "red");
371  }
372  }
373 
374  if ( pwdRequirements["digit"] > 0 ) {
375  if ( testDigit ) {
376  $("#digit .fa").removeClass("fa-times").addClass("fa-check");
377  $("#digit").css("color", "green");
378  } else {
379  $("#digit .fa").removeClass("fa-check").addClass("fa-times");
380  $("#digit").css("color", "red");
381  }
382  }
383 
384  if ( pwdRequirements["spec"] > 0 ) {
385  if ( testSpecial ) {
386  $("#spec .fa:first").removeClass("fa-times").addClass("fa-check");
387  $("#spec").css("color", "green");
388  } else {
389  $("#spec .fa:first").removeClass("fa-check").addClass("fa-times");
390  $("#spec").css("color", "red");
391  }
392  }
393 
394  if ( pwdRequirements["letter"] > 0 ) {
395  if ( testLetter ) {
396  $("#letter .fa").removeClass("fa-times").addClass("fa-check");
397  $("#letter").css("color", "green");
398  } else {
399  $("#letter .fa").removeClass("fa-check").addClass("fa-times");
400  $("#letter").css("color", "red");
401  }
402  }
403  });
404 
405  <?php
406  }
407  ?>
408 
409  });
410 
411 
412 </script>
413 <!-- STYLE CONTENT -->
414 <style type="text/css">
/* outer wrapper of the change-password panel */
.hcuProfilePwdDiv {
    min-width: 300px;
    max-width: 700px;
    margin-left: 0px;
    margin-top: 15px;
}

.container-fluid-margin {
    margin: 15px;
}

/* let long header text wrap inside a block */
.k-block > .k-header {
    white-space: normal;
    height: 100%;
}

.hcu-info-margin,
.hcu-error-margin {
    margin: 15px 0;
}

.hcu-info-padding,
.hcu-error-padding {
    padding: 15px;
}

.hcu-full-width {
    width: 100%;
}

/* top-bottom margin */
.hcu-container-margin {
    margin: 15px 0;
}

.hcu-no-padding {
    padding: 0;
}

/* pass/fail colours; the script in this file sets these colours inline instead */
.pwd-fail {
    color: red;
}

.pwd-pass {
    color: green;
}
454 </style>
455 
456 <!-- HTML CONTENT -->
457 <div class="container-fluid hcuProfilePwdDiv">
458  <div class="well well-sm">
459 
460  <!-- HEADER -->
461  <div>
462  <h3><?php echo $MC->msg('Change Password', HCU_DISPLAY_AS_HTML); ?></h3>
463  </div>
464 
465  <!-- FORM ELEMENTS -->
466  <form id="formProfile" name="formProfile">
467  <fieldset>
468  <div class="col-xs-12 hcu-container-margin">
469  <label for="profilePasswordCurr" class="hcu-full-width">
470  <span><?php echo $MC->msg('Re-enter Password', HCU_DISPLAY_AS_HTML); ?>: </span>
471  <span class="fa fa-question-circle-o" id="reenterTip"></span>
472  </label>
473 
474  <input type="password" name="profilePasswordCurr"
475  id="profilePasswordCurr"
476  class="k-textbox hcu-full-width"
477  placeholder="<?php echo $MC->msg('Re-enter Password', HCU_DISPLAY_AS_HTML); ?>"
478  data-required-msg="<?php echo $MC->msg('Invalid Authentication', HCU_DISPLAY_AS_HTML) ?>"
479  required >
480 
481  <?php if ( strlen( $pwdHelpURL ) > 0 ) { ?>
482  <div class="hcu-full-width">
483  <br>
484  <span><?php echo $MC->combo_msg('Password Hints Doc', HCU_DISPLAY_AS_HTML, "#link#", "javascript:show_help();"); ?></span>
485  </div>
486  <?php } ?>
487 
488  </div>
489  </fieldset>
490 
491  <fieldset>
492  <div class="col-xs-12 col-sm-6 hcu-container-margin">
493  <label for="profilePasswordNew1" class="hcu-full-width">
494  <span><?php echo $MC->msg('New Password', HCU_DISPLAY_AS_HTML); ?>:</span>
495  <span class="fa fa-question-circle-o" id="newTip1"></span>
496  </label>
497 
498  <input type="text" name="showPasswordText" id="showPasswordText" class="k-textbox hcu-full-width" style="display:none;">
499 
500  <input type="password" name="profilePasswordNew1"
501  id="profilePasswordNew1"
502  class="k-textbox hcu-full-width must_equal"
503  placeholder="<?php echo $MC->msg('New Password', HCU_DISPLAY_AS_HTML); ?>"
504  maxlength="20"
505  homecu-minlen="6"
506  homecu-maxlen="20"
507  data-required-msg="<?php echo $MC->msg('New password requirements', HCU_DISPLAY_AS_HTML) ?>"
508  data-homecuCustomMinLen-msg="<?php echo $MC->msg( "New password requirements", HCU_DISPLAY_AS_HTML) ?>"
509  data-homecuCustomMaxLen-msg="<?php echo $MC->msg( "New password requirements", HCU_DISPLAY_AS_HTML) ?>"
510  required >
511  </div>
512 
513  <div class="col-xs-12 col-sm-6 hcu-container-margin">
514  <label class="hcu-full-width hidden-xs">&nbsp;</label>
515 
516  <button type='button' id='showPassword' class='k-button'>
517  <span><?php echo $MC->msg( "Show", HCU_DISPLAY_AS_HTML ); ?></span>
518  </button>
519  </div>
520  </fieldset>
521 
522  <fieldset>
523  <div class="col-xs-12 col-sm-6 hcu-container-margin">
524  <label for="profilePasswordNew2">
525  <span><?php echo $MC->msg('Confirm New Password', HCU_DISPLAY_AS_HTML); ?>: </span>
526  <span class="fa fa-question-circle-o" id="newTip2"></span>
527  </label>
528 
529  <input type="password" name="profilePasswordNew2"
530  id="profilePasswordNew2"
531  class="k-textbox hcu-full-width"
532  placeholder="<?php echo $MC->msg('Confirm New Password', HCU_DISPLAY_AS_HTML); ?>"
533  maxlength="20"
534  homecu-minlen="6"
535  homecu-maxlen="20"
536  homecu-equals="must_equal"
537  data-required-msg="<?php echo $MC->msg('New passwords do not match', HCU_DISPLAY_AS_HTML) ?>"
538  data-homecuCustomEquals-msg="<?php echo $MC->msg('New passwords do not match', HCU_DISPLAY_AS_HTML) ?>"
539  required>
540  </div>
541 
542  <div class="col-xs-12 col-sm-6 hcu-container-margin">
543  <label for="passRequirements">
544  <span><?php echo $MC->msg("Password Requirements", HCU_DISPLAY_AS_HTML); ?>:</span>
545  </label>
546 
547  <div class="k-block k-shadow">
548  <?php
549  for($i = 0; $i < count($pwdRequirements); $i++) {
550  print "
551  <span id='{$pwdRequirements[$i]["which"]}' style='color: red;'>
552  <span class='fa fa-times'></span>
553  <span>{$pwdRequirements[$i]["text"]}</span>
554  </span><br />";
555  }
556  ?>
557  </div>
558  </div>
559  </fieldset>
560 
561  </form>
562  </div>
563  <div class="hcu-template">
564  <div class="hcu-edit-buttons k-state-default">
565  &emsp;
566  <a href="##" id="btnUpdate" class="k-button k-primary">
567  <i class="fa fa-check fa-lg"></i><?php echo $MC->msg("Update", HCU_DISPLAY_AS_HTML); ?>
568  </a>
569  </div>
570  </div>
571 </div>
<?php
/*
 * ** END CONTENT
 */

// ** INCLUDE POST CONTENT SCRIPT
// Path is resolved relative to this file's directory, not the working directory.
$postContentScript = dirname(__FILE__) . '/../includes/hcuPostContent.i';
require_once $postContentScript;

?>