X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fpassword.php;h=aef1accdcc62389d5f3f99af279aceaf8b6ce6ab;hb=506843e55d1381172c7a8e629a2447588dba67fe;hp=fb670ecc9ea2a2bbffa938ff084b2a14b94a3c75;hpb=3b14b7901c65144835d74b712279d0492c267c0c;p=quix0rs-gnu-social.git diff --git a/actions/password.php b/actions/password.php index fb670ecc9e..aef1accdcc 100644 --- a/actions/password.php +++ b/actions/password.php @@ -1,75 +1,91 @@ . */ if (!defined('LACONICA')) { exit(1); } +require_once(INSTALLDIR.'/lib/settingsaction.php'); + class PasswordAction extends SettingsAction { - + + function get_instructions() { + return _('You can change your password here. Choose a good one!'); + } + function show_form($msg=NULL, $success=false) { - common_show_header(_t('Change password')); - $this->settings_menu(); - $this->message($msg, $success); - common_start_element('form', array('method' => 'POST', + $user = common_current_user(); + $this->form_header(_('Change password'), $msg, $success); + common_element_start('form', array('method' => 'post', 'id' => 'password', - 'action' => + 'action' => common_local_url('password'))); - common_password('oldpassword', _t('Old password')); - common_password('newpassword', _t('New password')); - common_password('confirm', _t('Confirm')); - common_element('input', array('name' => 'submit', - 'type' => 'submit', - 'id' => 'submit'), - _t('Login')); - common_element('input', array('name' => 'cancel', - 'type' => 'button', - 'id' => 'cancel'), - _t('Cancel')); + # Users who logged in with OpenID won't have a pwd + if ($user->password) { + common_password('oldpassword', _('Old password')); + } + common_password('newpassword', _('New password'), + _('6 or more characters')); + common_password('confirm', _('Confirm'), + _('same as password above')); + common_submit('submit', _('Change')); + common_element_end('form'); + common_show_footer(); } - + function handle_post() { $user = common_current_user(); assert(!is_null($user)); # should already be checked - + # FIXME: scrub input - $oldpassword = $this->arg('oldpassword'); $newpassword = $this->arg('newpassword'); $confirm = $this->arg('confirm'); - + if (0 != strcmp($newpassword, $confirm)) { - $this->show_form(_t('Passwords don\'t match')); + $this->show_form(_('Passwords don\'t match.')); return; } - if (!common_check_user($user->nickname, $oldpassword)) { - $this->show_form(_t('Incorrect old password')); - return; + if ($user->password) { + $oldpassword = $this->arg('oldpassword'); + + if (!common_check_user($user->nickname, $oldpassword)) { + $this->show_form(_('Incorrect old password')); + return; + } } - + + $original = clone($user); + $user->password = common_munge_password($newpassword, $user->id); - - if (!$user->update()) { - common_server_error(_t('Can\'t save new password.')); + + $val = $user->validate(); + if ($val !== TRUE) { + $this->show_form(_('Error saving user; invalid.')); return; } - - $this->show_form(_t('Password saved'), true); + + if (!$user->update($original)) { + common_server_error(_('Can\'t save new password.')); + return; + } + + $this->show_form(_('Password saved.'), true); } -} \ No newline at end of file +}