author | Simon Rettberg | 2016-09-08 18:43:47 +0200 |
---|---|---|
committer | Simon Rettberg | 2016-09-08 18:43:47 +0200 |
commit | ad4f4e405aed82cd0f87e51874043a2d054a1c01 (patch) | |
tree | 284362f85a9c31859e8e0a043e53325482812bae /modules-available/session/page.inc.php | |
parent | [roomplanner] ajax saving: Better error messages on .fail() (diff) | |
[session] Add simple "change password" GUI
Diffstat (limited to 'modules-available/session/page.inc.php')
-rw-r--r-- | modules-available/session/page.inc.php | 51 |
1 files changed, 42 insertions, 9 deletions
diff --git a/modules-available/session/page.inc.php b/modules-available/session/page.inc.php
index 853f20e4..0a6eac77 100644
--- a/modules-available/session/page.inc.php
+++ b/modules-available/session/page.inc.php
@@ -6,30 +6,63 @@ class Page_Session extends Page
 protected function doPreprocess()
 {
 User::load();
- if (Request::post('action') === 'login') {
+ $action = Request::post('action');
+ if ($action === 'login') {
 // Login - see if already logged in
 if (User::isLoggedIn()) // and then just redirect
- Util::redirect('?do=Main');
+ Util::redirect('?do=main');
 // Else, try to log in
 if (User::login(Request::post('user'), Request::post('pass')))
- Util::redirect('?do=Main');
+ Util::redirect('?do=main');
 // Login credentials wrong - delay and show error message
 sleep(1);
 Message::addError('loginfail');
 }
- if (Request::post('action') === 'logout') {
+ if ($action === 'logout') {
 // Log user out (or do nothing if not logged in)
 User::logout();
- Util::redirect('?do=Main');
+ Util::redirect('?do=main');
+ }
+ if ($action === 'changepw') {
+ if (!User::isLoggedIn()) {
+ Util::redirect('?do=main');
+ }
+ // Now check if the user supplied the corrent current password, and the new password twice
+ $old = Request::post('old', false, 'string');
+ $new = Request::post('newpass1', false, 'string');
+ if ($old === false || $new === false) {
+ Message::addError('main.empty-field');
+ Util::redirect('?do=session');
+ }
+ if (!User::testPassword(User::getId(), $old)) {
+ sleep(1);
+ Message::addError('wrong-password');
+ Util::redirect('?do=session');
+ }
+ if (strlen($new) < 4) {
+ Message::addError('pass-too-short');
+ Util::redirect('?do=session');
+ }
+ if ($new !== Request::post('newpass2', false, 'string')) {
+ Message::addError('adduser.password-mismatch');
+ Util::redirect('?do=session');
+ }
+ if (User::updatePassword($new)) {
+ Message::addSuccess('password-changed');
+ } else {
+ Message::addWarning('password-unchanged');
+ }
+ Util::redirect('?do=session');
 }
-
- if (User::isLoggedIn())
- Util::redirect('?do=Main');
 }
 protected function doRender()
 {
- Render::addTemplate('page-login');
+ if (User::isLoggedIn()) {
+ Render::addTemplate('change-password');
+ } else {
+ Render::addTemplate('page-login');
+ }
 }
 }
|
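Review bot: The length check in the new `changepw` branch, `if (strlen($new) < 4) {`, accepts four-character passwords, which is a very low floor for an administrative login; raise it, for example `if (strlen($new) < 8) {`, ideally through one shared constant so any other place that sets passwords enforces the same minimum. The wrong-password path only does `sleep(1)` before redirecting, and nothing visible in this hunk counts or logs failed attempts, so consider recording them and capping retries per session so that repeated guesses at the current password from an unattended or stolen session are noticed. Whether `User::updatePassword()` invalidates the account's other active sessions cannot be seen from here and is worth confirming. `doPreprocess()` and `doRender()` lie fully inside the hunk; the class header is above it.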