commit
7b342d7297
3 changed files with 27 additions and 3 deletions
|
@ -300,7 +300,8 @@ function settings_post(&$a) {
|
||||||
if((x($_POST,'npassword')) || (x($_POST,'confirm'))) {
|
if((x($_POST,'npassword')) || (x($_POST,'confirm'))) {
|
||||||
|
|
||||||
$newpass = $_POST['npassword'];
|
$newpass = $_POST['npassword'];
|
||||||
$confirm = $_POST['confirm'];
|
$confirm = $_POST['confirm'];
|
||||||
|
$oldpass = hash('whirlpool', $_POST['opassword']);
|
||||||
|
|
||||||
$err = false;
|
$err = false;
|
||||||
if($newpass != $confirm ) {
|
if($newpass != $confirm ) {
|
||||||
|
@ -311,7 +312,15 @@ function settings_post(&$a) {
|
||||||
if((! x($newpass)) || (! x($confirm))) {
|
if((! x($newpass)) || (! x($confirm))) {
|
||||||
notice( t('Empty passwords are not allowed. Password unchanged.') . EOL);
|
notice( t('Empty passwords are not allowed. Password unchanged.') . EOL);
|
||||||
$err = true;
|
$err = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// check if the old password was supplied correctly before
|
||||||
|
// changing it to the new value
|
||||||
|
$r = q("SELECT `password` FROM `user`WHERE `uid` = %d LIMIT 1", intval(local_user()));
|
||||||
|
if( $oldpass != $r[0]['password'] ) {
|
||||||
|
notice( t('Wrong password.') . EOL);
|
||||||
|
$err = true;
|
||||||
|
}
|
||||||
|
|
||||||
if(! $err) {
|
if(! $err) {
|
||||||
$password = hash('whirlpool',$newpass);
|
$password = hash('whirlpool',$newpass);
|
||||||
|
@ -394,8 +403,17 @@ function settings_post(&$a) {
|
||||||
|
|
||||||
if($email != $a->user['email']) {
|
if($email != $a->user['email']) {
|
||||||
$email_changed = true;
|
$email_changed = true;
|
||||||
|
// check for the correct password
|
||||||
|
$r = q("SELECT `password` FROM `user`WHERE `uid` = %d LIMIT 1", intval(local_user()));
|
||||||
|
$password = hash('whirlpool', $_POST['password']);
|
||||||
|
if ($password != $r[0]['password']) {
|
||||||
|
$err .= t('Wrong Password') . EOL;
|
||||||
|
$email = $a->user['email'];
|
||||||
|
}
|
||||||
|
// check the email is valid
|
||||||
if(! valid_email($email))
|
if(! valid_email($email))
|
||||||
$err .= t(' Not valid email.');
|
$err .= t(' Not valid email.');
|
||||||
|
// ensure new email is not the admin mail
|
||||||
if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0)) {
|
if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0)) {
|
||||||
$err .= t(' Cannot change to that email.');
|
$err .= t(' Cannot change to that email.');
|
||||||
$email = $a->user['email'];
|
$email = $a->user['email'];
|
||||||
|
@ -1045,6 +1063,8 @@ function settings_content(&$a) {
|
||||||
'$h_pass' => t('Password Settings'),
|
'$h_pass' => t('Password Settings'),
|
||||||
'$password1'=> array('npassword', t('New Password:'), '', ''),
|
'$password1'=> array('npassword', t('New Password:'), '', ''),
|
||||||
'$password2'=> array('confirm', t('Confirm:'), '', t('Leave password fields blank unless changing')),
|
'$password2'=> array('confirm', t('Confirm:'), '', t('Leave password fields blank unless changing')),
|
||||||
|
'$password3'=> array('opassword', t('Current Password:'), '', t('Your current password to confirm the changes')),
|
||||||
|
'$password4'=> array('password', t('Password:'), '', t('Your current password to confirm the changes')),
|
||||||
'$oid_enable' => (! get_config('system','no_openid')),
|
'$oid_enable' => (! get_config('system','no_openid')),
|
||||||
'$openid' => $openid_field,
|
'$openid' => $openid_field,
|
||||||
|
|
||||||
|
|
|
@ -9,6 +9,7 @@ $nickname_block
|
||||||
|
|
||||||
{{inc field_password.tpl with $field=$password1 }}{{endinc}}
|
{{inc field_password.tpl with $field=$password1 }}{{endinc}}
|
||||||
{{inc field_password.tpl with $field=$password2 }}{{endinc}}
|
{{inc field_password.tpl with $field=$password2 }}{{endinc}}
|
||||||
|
{{inc field_password.tpl with $field=$password3 }}{{endinc}}
|
||||||
|
|
||||||
{{ if $oid_enable }}
|
{{ if $oid_enable }}
|
||||||
{{inc field_input.tpl with $field=$openid }}{{endinc}}
|
{{inc field_input.tpl with $field=$openid }}{{endinc}}
|
||||||
|
@ -23,6 +24,7 @@ $nickname_block
|
||||||
|
|
||||||
{{inc field_input.tpl with $field=$username }}{{endinc}}
|
{{inc field_input.tpl with $field=$username }}{{endinc}}
|
||||||
{{inc field_input.tpl with $field=$email }}{{endinc}}
|
{{inc field_input.tpl with $field=$email }}{{endinc}}
|
||||||
|
{{inc field_password.tpl with $field=$password4 }}{{endinc}}
|
||||||
{{inc field_custom.tpl with $field=$timezone }}{{endinc}}
|
{{inc field_custom.tpl with $field=$timezone }}{{endinc}}
|
||||||
{{inc field_input.tpl with $field=$defloc }}{{endinc}}
|
{{inc field_input.tpl with $field=$defloc }}{{endinc}}
|
||||||
{{inc field_checkbox.tpl with $field=$allowloc }}{{endinc}}
|
{{inc field_checkbox.tpl with $field=$allowloc }}{{endinc}}
|
||||||
|
|
|
@ -14,6 +14,7 @@
|
||||||
|
|
||||||
{{include file="field_password.tpl" field=$password1}}
|
{{include file="field_password.tpl" field=$password1}}
|
||||||
{{include file="field_password.tpl" field=$password2}}
|
{{include file="field_password.tpl" field=$password2}}
|
||||||
|
{{include file="field_password.tpl" field=$password3}}
|
||||||
|
|
||||||
{{if $oid_enable}}
|
{{if $oid_enable}}
|
||||||
{{include file="field_input.tpl" field=$openid}}
|
{{include file="field_input.tpl" field=$openid}}
|
||||||
|
@ -28,6 +29,7 @@
|
||||||
|
|
||||||
{{include file="field_input.tpl" field=$username}}
|
{{include file="field_input.tpl" field=$username}}
|
||||||
{{include file="field_input.tpl" field=$email}}
|
{{include file="field_input.tpl" field=$email}}
|
||||||
|
{{include file="field_password.tpl" field=$password4}}
|
||||||
{{include file="field_custom.tpl" field=$timezone}}
|
{{include file="field_custom.tpl" field=$timezone}}
|
||||||
{{include file="field_input.tpl" field=$defloc}}
|
{{include file="field_input.tpl" field=$defloc}}
|
||||||
{{include file="field_checkbox.tpl" field=$allowloc}}
|
{{include file="field_checkbox.tpl" field=$allowloc}}
|
||||||
|
|
Loading…
Reference in a new issue