3 * Laconica, the distributed open-source microblogging tool
9 * LICENCE: This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * @author Evan Prodromou <evan@controlyourself.ca>
25 * @author Zach Copley <zach@controlyourself.ca>
26 * @copyright 2008-2009 Control Yourself, Inc.
27 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
28 * @link http://laconi.ca/
31 if (!defined('LACONICA')) {
35 require_once INSTALLDIR.'/lib/accountsettingsaction.php';
42 * @author Evan Prodromou <evan@controlyourself.ca>
43 * @author Zach Copley <zach@controlyourself.ca>
44 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
45 * @link http://laconi.ca/
48 class PasswordsettingsAction extends AccountSettingsAction
53 * @return string Title of the page
58 return _('Change password');
62 * Instructions for use
64 * @return instructions for use
67 function getInstructions()
69 return _('Change your password.');
73 * Content area of the page
75 * Shows a form for changing the password
80 function showContent()
82 $user = common_current_user();
83 $this->elementStart('form', array('method' => 'POST',
86 common_local_url('profilesettings')));
88 $this->hidden('token', common_session_token());
90 // Users who logged in with OpenID won't have a pwd
91 if ($user->password) {
92 $this->password('oldpassword', _('Old password'));
94 $this->password('newpassword', _('New password'),
95 _('6 or more characters'));
96 $this->password('confirm', _('Confirm'),
97 _('same as password above'));
98 $this->submit('changepass', _('Change'));
99 $this->elementEnd('form');
105 * Validate input and save changes. Reload the form with a success
111 function handlePost()
115 $token = $this->trimmed('token');
116 if (!$token || $token != common_session_token()) {
117 $this->showForm(_('There was a problem with your session token. '.
118 'Try again, please.'));
122 $user = common_current_user();
123 assert(!is_null($user)); // should already be checked
125 // FIXME: scrub input
127 $newpassword = $this->arg('newpassword');
128 $confirm = $this->arg('confirm');
130 if (0 != strcmp($newpassword, $confirm)) {
131 $this->showForm(_('Passwords don\'t match.'));
135 if ($user->password) {
136 $oldpassword = $this->arg('oldpassword');
138 if (!common_check_user($user->nickname, $oldpassword)) {
139 $this->showForm(_('Incorrect old password'));
144 $original = clone($user);
146 $user->password = common_munge_password($newpassword, $user->id);
148 $val = $user->validate();
150 $this->showForm(_('Error saving user; invalid.'));
154 if (!$user->update($original)) {
155 $this->serverError(_('Can\'t save new password.'));
159 $this->showForm(_('Password saved.'), true);