X-Git-Url: http://git.annexia.org/?a=blobdiff_plain;f=scripts%2Flogin.ml;h=e316d64a82d4668e186f4bcdcf0d4fda55af8729;hb=79f907772aef608a83338589f64c10a901889b5c;hp=533054d098572b9629967d5b5119224c56f35cb8;hpb=1f125fd7a6794f352f30de71a3905d5356a07008;p=cocanwiki.git

diff --git a/scripts/login.ml b/scripts/login.ml
index 533054d..e316d64 100644
--- a/scripts/login.ml
+++ b/scripts/login.ml
@@ -1,7 +1,22 @@
-(* Easy Web Pages (EWP) scripts.
+(* COCANWIKI - a wiki written in Objective CAML.
  * Written by Richard W.M. Jones <rich@merjis.com>.
  * Copyright (C) 2004 Merjis Ltd.
- * $Id: login.ml,v 1.2 2004/09/09 09:35:33 rich Exp $
+ * $Id: login.ml,v 1.4 2004/09/25 13:17:00 rich Exp $
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; see the file COPYING.  If not, write to
+ * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
  *)
 
 open Apache
@@ -20,13 +35,17 @@ let run r (q : cgi) (dbh : Dbi.connection) hostid _ _ =
   let permanent = try "1" = q#param "permanent" with Not_found -> false in
   let redirect = try q#param "redirect" with Not_found -> "/" in
 
-  let sth = dbh#prepare_cached "select id from users
+  let sth = dbh#prepare_cached "select id, force_password_change from users
                                  where name = ? and password = ?
                                    and hostid = ?" in
   sth#execute [`String username; `String password; `Int hostid];
 
   try
-    let userid = sth#fetch1int () in
+    let userid, force_password_change =
+      match sth#fetch1 () with
+	  [ `Int userid; `Bool force_password_change ] ->
+	    userid, force_password_change
+	| _ -> assert false in
 
     (* Create a cookie. *)
     let cookie = random_sessionid () in
@@ -36,6 +55,11 @@ let run r (q : cgi) (dbh : Dbi.connection) hostid _ _ =
 
     dbh#commit ();
 
+    (* Force password change? *)
+    let redirect =
+      if force_password_change then "/_bin/change_password_form.cmo"
+      else redirect in
+
     let cookie =
       if permanent then
 	Cookie.cookie ~name:"auth" ~value:cookie ~path:"/" ~expires ()
@@ -43,7 +67,9 @@ let run r (q : cgi) (dbh : Dbi.connection) hostid _ _ =
 	Cookie.cookie ~name:"auth" ~value:cookie ~path:"/" () in
 
     ok ~title:"Logged in" ~buttons:[ok_button redirect] ~cookie
-      q ("Welcome back " ^ username ^ ".")
+      q ("Welcome back " ^ username ^ "." ^
+	 if force_password_change then "  Please change your password now."
+	 else "")
   with
       Not_found ->
 	error