X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Frecoverpassword.php;h=dcff35f6ed32dddc72da3689c0cb4456c92428ef;hb=c899e4a84ee45b65950980ccb87e52129871d58e;hp=3d839e7514d6c45e154da5ef2035dc5378a032f6;hpb=4b9df58c90e25ea79aeec64c6e96f828fe06d7df;p=quix0rs-gnu-social.git diff --git a/actions/recoverpassword.php b/actions/recoverpassword.php index 3d839e7514..dcff35f6ed 100644 --- a/actions/recoverpassword.php +++ b/actions/recoverpassword.php @@ -1,7 +1,7 @@ . */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } # You have 24 hours to claim your password @@ -25,6 +25,9 @@ define(MAX_RECOVERY_TIME, 24 * 60 * 60); class RecoverpasswordAction extends Action { + var $mode = null; + var $msg = null; + var $success = null; function handle($args) { @@ -34,22 +37,22 @@ class RecoverpasswordAction extends Action return; } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($this->arg('recover')) { - $this->recover_password(); + $this->recoverPassword(); } else if ($this->arg('reset')) { - $this->reset_password(); + $this->resetPassword(); } else { $this->clientError(_('Unexpected form submission.')); } } else { if ($this->trimmed('code')) { - $this->check_code(); + $this->checkCode(); } else { - $this->show_form(); + $this->showForm(); } } } - function check_code() + function checkCode() { $code = $this->trimmed('code'); @@ -88,7 +91,7 @@ class RecoverpasswordAction extends Action # Note: it's still deleted; let's avoid a second attempt! if ((time() - $touched) > MAX_RECOVERY_TIME) { - common_log(LOG_WARNING, + common_log(LOG_WARNING, 'Attempted redemption on recovery code ' . 'that is ' . $touched . ' seconds old. '); $this->clientError(_('This confirmation code is too old. ' . @@ -112,17 +115,17 @@ class RecoverpasswordAction extends Action # Success! - $this->set_temp_user($user); - $this->show_password_form(); + $this->setTempUser($user); + $this->showPasswordForm(); } - function set_temp_user(&$user) + function setTempUser(&$user) { common_ensure_session(); $_SESSION['tempuser'] = $user->id; } - function get_temp_user() + function getTempUser() { common_ensure_session(); $user_id = $_SESSION['tempuser']; @@ -132,80 +135,121 @@ class RecoverpasswordAction extends Action return $user; } - function clear_temp_user() + function clearTempUser() { common_ensure_session(); unset($_SESSION['tempuser']); } - function show_top($msg=null) + function showPageNotice() { - if ($msg) { - $this->element('div', 'error', $msg); + if ($this->msg) { + $this->element('div', ($this->success) ? 'success' : 'error', $this->msg); } else { $this->elementStart('div', 'instructions'); - $this->element('p', null, - _('If you\'ve forgotten or lost your' . - ' password, you can get a new one sent to' . - ' the email address you have stored ' . - ' in your account.')); + if ($this->mode == 'recover') { + $this->element('p', null, + _('If you have forgotten or lost your' . + ' password, you can get a new one sent to' . + ' the email address you have stored' . + ' in your account.')); + } else if ($this->mode == 'reset') { + $this->element('p', null, + _('You have been identified. Enter a' . + ' new password below. ')); + } $this->elementEnd('div'); } } - function show_password_top($msg=null) + function showForm($msg=null) { - if ($msg) { - $this->element('div', 'error', $msg); - } else { - $this->element('div', 'instructions', - _('You\'ve been identified. Enter a ' . - ' new password below. ')); - } + $this->msg = $msg; + $this->mode = 'recover'; + $this->showPage(); } - function show_form($msg=null) + function showContent() { + if ($this->mode == 'recover') { + $this->showRecoverForm(); + } else if ($this->mode == 'reset') { + $this->showResetForm(); + } + } - common_show_header(_('Recover password'), null, - $msg, array($this, 'show_top')); - + function showRecoverForm() + { $this->elementStart('form', array('method' => 'post', - 'id' => 'recoverpassword', + 'id' => 'form_password_recover', + 'class' => 'form_settings', 'action' => common_local_url('recoverpassword'))); - $this->input('nicknameoremail', _('Nickname or email'), + $this->elementStart('fieldset'); + $this->element('legend', null, _('Password recovery')); + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->input('nicknameoremail', _('Nickname or email address'), $this->trimmed('nicknameoremail'), _('Your nickname on this server, ' . 'or your registered email address.')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->element('input', array('name' => 'recover', + 'type' => 'hidden', + 'value' => _('Recover'))); $this->submit('recover', _('Recover')); + $this->elementEnd('fieldset'); $this->elementEnd('form'); - common_show_footer(); } - function show_password_form($msg=null) + function title() { + switch ($this->mode) { + case 'reset': return _('Reset password'); + case 'recover': return _('Recover password'); + case 'sent': return _('Password recovery requested'); + case 'saved': return _('Password saved.'); + default: + return _('Unknown action'); + } + } - common_show_header(_('Reset password'), null, - $msg, array($this, 'show_password_top')); + function showPasswordForm($msg=null) + { + $this->msg = $msg; + $this->mode = 'reset'; + $this->showPage(); + } + function showResetForm() + { $this->elementStart('form', array('method' => 'post', - 'id' => 'recoverpassword', + 'id' => 'form_password_change', + 'class' => 'form_settings', 'action' => common_local_url('recoverpassword'))); + $this->elementStart('fieldset'); + $this->element('legend', null, _('Password change')); $this->hidden('token', common_session_token()); + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); $this->password('newpassword', _('New password'), _('6 or more characters, and don\'t forget it!')); + $this->elementEnd('li'); + $this->elementStart('li'); $this->password('confirm', _('Confirm'), _('Same as password above')); + $this->elementEnd('li'); + $this->elementEnd('ul'); $this->submit('reset', _('Reset')); + $this->elementEnd('fieldset'); $this->elementEnd('form'); - common_show_footer(); } - function recover_password() + function recoverPassword() { $nore = $this->trimmed('nicknameoremail'); if (!$nore) { - $this->show_form(_('Enter a nickname or email address.')); + $this->showForm(_('Enter a nickname or email address.')); return; } @@ -225,7 +269,7 @@ class RecoverpasswordAction extends Action } if (!$user) { - $this->show_form(_('No user with that email address or username.')); + $this->showForm(_('No user with that email address or username.')); return; } @@ -277,25 +321,24 @@ class RecoverpasswordAction extends Action mail_to_user($user, _('Password recovery requested'), $body, $confirm->address); - common_show_header(_('Password recovery requested')); - $this->element('p', null, - _('Instructions for recovering your password ' . + $this->mode = 'sent'; + $this->msg = _('Instructions for recovering your password ' . 'have been sent to the email address registered to your ' . - 'account.')); - common_show_footer(); + 'account.'); + $this->success = true; + $this->showPage(); } - function reset_password() + function resetPassword() { - # CSRF protection $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); + $this->showForm(_('There was a problem with your session token. Try again, please.')); return; } - $user = $this->get_temp_user(); + $user = $this->getTempUser(); if (!$user) { $this->clientError(_('Unexpected password reset.')); @@ -306,11 +349,11 @@ class RecoverpasswordAction extends Action $confirm = $this->trimmed('confirm'); if (!$newpassword || strlen($newpassword) < 6) { - $this->show_password_form(_('Password must be 6 chars or more.')); + $this->showPasswordForm(_('Password must be 6 chars or more.')); return; } if ($newpassword != $confirm) { - $this->show_password_form(_('Password and confirmation do not match.')); + $this->showPasswordForm(_('Password and confirmation do not match.')); return; } @@ -326,7 +369,7 @@ class RecoverpasswordAction extends Action return; } - $this->clear_temp_user(); + $this->clearTempUser(); if (!common_set_user($user->nickname)) { $this->serverError(_('Error setting user.')); @@ -335,9 +378,10 @@ class RecoverpasswordAction extends Action common_real_login(true); - common_show_header(_('Password saved.')); - $this->element('p', null, _('New password successfully saved. ' . - 'You are now logged in.')); - common_show_footer(); + $this->mode = 'saved'; + $this->msg = _('New password successfully saved. ' . + 'You are now logged in.'); + $this->success = true; + $this->showPage(); } }