Diffstat (limited to 'inc/user.inc.php')
-rw-r--r--inc/user.inc.php43
1 files changed, 39 insertions, 4 deletions
diff --git a/inc/user.inc.php b/inc/user.inc.php
index 496857e..ef29003 100644
--- a/inc/user.inc.php
+++ b/inc/user.inc.php
@@ -46,6 +46,13 @@ class User
return (int)self::$user['userid'];
}
+ public static function getMail()
+ {
+ if (!isset(self::$user['email']))
+ return false;
+ return self::$user['email'];
+ }
+
public static function getName()
{
if (!self::isLoggedIn())
@@ -115,8 +122,9 @@ class User
if (Session::getUid() === false)
return false;
// Try user from local DB
- self::$user = Database::queryFirst('SELECT userid, shibid, login, firstname, lastname, email FROM user WHERE userid = :uid LIMIT 1', array('uid' => Session::getUid()));
- return self::$user !== false;
+ self::$user = Database::queryFirst('SELECT userid, shibid, login, organizationid AS organization, firstname, lastname, email FROM user WHERE userid = :uid LIMIT 1', array('uid' => Session::getUid()));
+ self::$isInDb = self::$user !== false;
+ return self::$isInDb;
}
// Try bwIDM etc.
if (!$hasSession) {
@@ -190,12 +198,35 @@ class User
}
}
+ public static function updatePassword($pass)
+ {
+ if (!self::isLoggedIn() || self::$isShib || !self::$isInDb)
+ return false;
+ $pw = Crypto::hash6($pass);
+ $ret = Database::exec('UPDATE user SET password = :pass WHERE userid = :user LIMIT 1', array(
+ 'pass' => $pw,
+ 'user' => self::getId()
+ ));
+ return $ret == 1;
+ }
+
+
+ public static function updateMail($mail)
+ {
+ if (!self::isLoggedIn() || self::$isShib || !self::$isInDb)
+ return false;
+ $ret = Database::exec('UPDATE user SET email = :mail WHERE userid = :user LIMIT 1', array(
+ 'mail' => $mail,
+ 'user' => self::getId()
+ ));
+ return $ret == 1 || $mail === self::get('email');
+ }
public static function login($user, $pass)
{
$ret = Database::queryFirst('SELECT userid, password FROM user WHERE login = :user LIMIT 1', array(':user' => $user));
if ($ret === false)
return false;
- if (!Crypto::verify($pass, $ret['passwd']))
+ if (!Crypto::verify($pass, $ret['password']))
return false;
Session::create();
Session::setUid($ret['userid']);
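Review bot: updatePassword() writes a new hash for the session's user without checking the current password or rejecting an empty `$pass`, so the only guards visible here are `isLoggedIn()` and the Shibboleth/DB flags; unless the caller re-authenticates first (not visible in this hunk), holding a valid session is enough to replace the credential. I would state that requirement on the method, e.g. `// Caller must confirm the current password with Crypto::verify() before calling this.`, and add `if (!is_string($pass) || $pass === '') return false;` ahead of the `Crypto::hash6()` call. updateMail() likewise stores `$mail` unvalidated; an `if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) return false;` before the UPDATE would keep malformed addresses out of the table. The visible lines also never refresh `self::$user['email']` after a successful update, so getMail() may keep returning the old address for the rest of the request. login() continues past the end of this hunk.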
@@ -212,7 +243,11 @@ class User
@setcookie($name, '', time() - 8640000, null, null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off', true);
}
Session::delete();
- Header('Location: ?do=Logout&noredirect=yes');
+ if (self::$isShib) {
+ Header('Location: ?do=Logout&noredirect=yes');
+ } else {
+ Header('Location: ?do=Main');
+ }
exit(0);
}