X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fpassword.php;h=aef1accdcc62389d5f3f99af279aceaf8b6ce6ab;hb=506843e55d1381172c7a8e629a2447588dba67fe;hp=31831d3a935e5a7db189b7fd455f16eac50ef24a;hpb=fac522f4d7cce9a35e605fac2bba0b2d23616ad0;p=quix0rs-gnu-social.git
diff --git a/actions/password.php b/actions/password.php
index 31831d3a93..aef1accdcc 100644
--- a/actions/password.php
+++ b/actions/password.php
@@ -1,91 +1,91 @@ . */ -if (!defined('LACONICA')) { exit(1) } +if (!defined('LACONICA')) { exit(1); } + +require_once(INSTALLDIR.'/lib/settingsaction.php'); class PasswordAction extends SettingsAction { - - function handle($args) { - parent::handle($args); - if (!common_logged_in()) { - common_user_error(_t('Not logged in.')); - return; - } - if ($this->arg('METHOD') == 'POST') { - $this->handle_post(); - } else { - $this->show_form(); - } + + function get_instructions() { + return _('You can change your password here. Choose a good one!'); } function show_form($msg=NULL, $success=false) { - common_show_header(_t('Change password')); - $this->settings_menu(); - if ($msg) { - common_element('div', ($success) ? 'success' : 'error', - $msg); - } - common_start_element('form', array('method' => 'POST', + $user = common_current_user(); + $this->form_header(_('Change password'), $msg, $success); + common_element_start('form', array('method' => 'post', 'id' => 'password', - 'action' => + 'action' => common_local_url('password'))); - common_password('oldpassword', _t('Old password')); - common_password('newpassword', _t('New password')); - common_password('confirm', _t('Confirm')); - common_element('input', array('name' => 'submit', - 'type' => 'submit', - 'id' => 'submit'), - _t('Login')); - common_element('input', array('name' => 'cancel', - 'type' => 'button', - 'id' => 'cancel'), - _t('Cancel')); + # Users who logged in with OpenID won't have a pwd + if ($user->password) { + common_password('oldpassword', _('Old password')); + } + common_password('newpassword', _('New password'), + _('6 or more characters')); + common_password('confirm', _('Confirm'), + _('same as password above')); + common_submit('submit', _('Change')); + common_element_end('form'); + common_show_footer(); } - + function handle_post() { $user = common_current_user(); assert(!is_null($user)); # should already be checked - + # FIXME: scrub input - $oldpassword = $this->arg('oldpassword'); $newpassword 
= $this->arg('newpassword'); $confirm = $this->arg('confirm'); - + if (0 != strcmp($newpassword, $confirm)) { - $this->show_form(_t('Passwords don\'t match')); + $this->show_form(_('Passwords don\'t match.')); return; } - if (!common_check_user($user->nickname, $oldpassword)) { - $this->show_form(_t('Incorrect old password')); - return; + if ($user->password) { + $oldpassword = $this->arg('oldpassword'); + + if (!common_check_user($user->nickname, $oldpassword)) { + $this->show_form(_('Incorrect old password')); + return; + } } - + + $original = clone($user); + $user->password = common_munge_password($newpassword, $user->id); - - if (!$user->update()) { - common_server_error(_t('Can\'t save new password.')); + + $val = $user->validate(); + if ($val !== TRUE) { + $this->show_form(_('Error saving user; invalid.')); return; } - - $this->show_form(_t('Password saved'), true); + + if (!$user->update($original)) { + common_server_error(_('Can\'t save new password.')); + return; + } + + $this->show_form(_('Password saved.'), true); } -} \ No newline at end of file +}
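Review bot: In `handle_post` the old-password check now runs only when `$user->password` is set, so for accounts without a password the change is authorised by the session cookie alone, and nothing in this hunk ties the POST to a form the site itself rendered. Unless `SettingsAction` (outside this hunk) already verifies a per-session form token, add a hidden token field in `show_form` and reject the POST in `handle_post` when it does not match. Separately, the form promises "6 or more characters" but `handle_post` never checks the length, and `validate()` runs after `common_munge_password`, so it presumably sees only the hash; an empty `newpassword`/`confirm` pair passes the `strcmp` test. A guard before the munge would close that: `if (strlen($newpassword) < 6) { $this->show_form(_('Password must be 6 or more characters.')); return; }`.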