3 * Laconica, the distributed open-source microblogging tool
9 * LICENCE: This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * @author Evan Prodromou <evan@controlyourself.ca>
25 * @author Zach Copley <zach@controlyourself.ca>
26 * @copyright 2008-2009 Control Yourself, Inc.
27 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
28 * @link http://laconi.ca/
31 if (!defined('LACONICA')) {
35 require_once INSTALLDIR.'/lib/accountsettingsaction.php';
42 * @author Evan Prodromou <evan@controlyourself.ca>
43 * @author Zach Copley <zach@controlyourself.ca>
44 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
45 * @link http://laconi.ca/
48 class PasswordsettingsAction extends AccountSettingsAction
53 * @return string Title of the page
58 return _('Change password');
/**
 * Instructions for use
 *
 * @return string translated instruction text for this settings page
 */
function getInstructions()
{
    $instructions = _('Change your password.');

    return $instructions;
}
73 * Content area of the page
75 * Shows a form for changing the password
80 function showContent()
// Renders the password-change form: a POST form carrying a hidden session
// token, the old/new/confirm password fields and a submit button.
// $user is dereferenced below and no null check is visible in this method
// (handlePost() asserts it) -- presumably the parent action requires a
// logged-in user; confirm.
82 $user = common_current_user();
// Form attributes. Source line 86 is absent from this listing, so the array
// key under which common_local_url('passwordsettings') is stored is not shown.
83 $this->elementStart('form', array('method' => 'POST',
84 'id' => 'form_password',
85 'class' => 'form_settings',
87 common_local_url('passwordsettings')));
88 $this->elementStart('fieldset');
89 $this->element('legend', null, _('Password change'));
// Anti-CSRF: the session token is embedded as a hidden field; handlePost()
// compares the submitted value with common_session_token() before doing
// anything else.
90 $this->hidden('token', common_session_token());
93 $this->elementStart('ul', 'form_data');
94 // Users who logged in with OpenID won't have a pwd
// The old-password field is offered only when the account has a stored
// password; handlePost() applies the same condition to the old-password check.
95 if ($user->password) {
96 $this->elementStart('li');
97 $this->password('oldpassword', _('Old password'));
98 $this->elementEnd('li');
100 $this->elementStart('li');
// The hint text must stay in step with the minimum length enforced in
// handlePost() (6 in the visible code).
101 $this->password('newpassword', _('New password'),
102 _('6 or more characters'));
103 $this->elementEnd('li');
104 $this->elementStart('li');
105 $this->password('confirm', _('Confirm'),
106 _('same as password above'));
107 $this->elementEnd('li');
108 $this->elementEnd('ul');
110 $this->submit('changepass', _('Change'));
112 $this->elementEnd('fieldset');
113 $this->elementEnd('form');
119 * Validate input and save changes. Reload the form with a success
125 function handlePost()
// Handles the submitted form: checks the session token, validates the new
// password, verifies the old one when the account has a password, then stores
// the new hash. Source lines between the ones shown (e.g. 133-135, 148, 168)
// are absent from this listing, so the exit path after each error message and
// the condition guarding the validate() error are not visible here.
//
// Anti-CSRF check: the submitted 'token' must match the session token.
// NOTE(review): `!=` is a loose comparison; PHP compares two numeric-looking
// strings by value (e.g. '1e3' == '1000'), so `!==` is the safer operator for
// a token check, and hash_equals() (PHP 5.6+) additionally avoids a timing
// side channel.
129 $token = $this->trimmed('token');
130 if (!$token || $token != common_session_token()) {
131 $this->showForm(_('There was a problem with your session token. '.
132 'Try again, please.'));
136 $user = common_current_user();
// NOTE(review): assert() can be disabled by configuration, so this line is a
// sanity check, not an access control; the login requirement has to be
// enforced elsewhere (not visible in this listing).
137 assert(!is_null($user)); // should already be checked
139 // FIXME: scrub input
// The values from arg() are used as received in the visible lines: they are
// length-checked, compared and hashed, never echoed back.
// NOTE(review): presumably arg() returns the raw request parameter; a
// non-string value (e.g. an array parameter) should be rejected before
// strlen()/strcmp() -- confirm what arg() returns.
141 $newpassword = $this->arg('newpassword');
142 $confirm = $this->arg('confirm');
// Password policy: only a minimum length is checked here. strlen() counts
// bytes, not characters.
// NOTE(review): 6 is a low minimum by current guidance, and no check against
// common or previously breached passwords is visible in this listing.
146 if (strlen($newpassword) < 6) {
147 $this->showForm(_('Password must be 6 or more characters.'));
149 } else if (0 != strcmp($newpassword, $confirm)) {
150 $this->showForm(_('Passwords don\'t match.'));
// Re-authentication: the old password is verified only when the account has a
// stored password. An account without one can set a password with just a
// valid session and token.
// NOTE(review): no throttling of failed old-password attempts is visible
// here; confirm whether common_check_user() or a caller provides it.
154 if ($user->password) {
155 $oldpassword = $this->arg('oldpassword');
157 if (!common_check_user($user->nickname, $oldpassword)) {
158 $this->showForm(_('Incorrect old password'));
// Snapshot of the user before modification; it is passed to update() below.
163 $original = clone($user);
// The stored value is whatever common_munge_password() returns for the new
// password and the user id.
// NOTE(review): the hashing scheme is defined in that helper, not here --
// verify it is a salted, deliberately slow password hash.
165 $user->password = common_munge_password($newpassword, $user->id);
167 $val = $user->validate();
169 $this->showForm(_('Error saving user; invalid.'));
173 if (!$user->update($original)) {
174 $this->serverError(_('Can\'t save new password.'));
// NOTE(review): nothing in the visible lines regenerates the session id or
// ends the user's other sessions after the password changes; consider doing
// both so an already-hijacked session does not survive the change.
178 $this->showForm(_('Password saved.'), true);