From ad4f4e405aed82cd0f87e51874043a2d054a1c01 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 8 Sep 2016 18:43:47 +0200
Subject: [session] Add simple "change password" GUI
---
modules-available/session/page.inc.php | 51 ++++++++++++++++++----
modules-available/session/style.css | 43 ++++++++++++++++++
.../session/templates/change-password.html | 11 +++++
.../session/templates/page-login.html | 11 +++--
4 files changed, 101 insertions(+), 15 deletions(-)
create mode 100644 modules-available/session/style.css
create mode 100644 modules-available/session/templates/change-password.html
(limited to 'modules-available/session')
diff --git a/modules-available/session/page.inc.php b/modules-available/session/page.inc.php
index 853f20e4..0a6eac77 100644
--- a/modules-available/session/page.inc.php
+++ b/modules-available/session/page.inc.php
@@ -6,30 +6,63 @@ class Page_Session extends Page
protected function doPreprocess()
{
User::load();
- if (Request::post('action') === 'login') {
+ $action = Request::post('action');
+ if ($action === 'login') {
// Login - see if already logged in
if (User::isLoggedIn()) // and then just redirect
- Util::redirect('?do=Main');
+ Util::redirect('?do=main');
// Else, try to log in
if (User::login(Request::post('user'), Request::post('pass')))
- Util::redirect('?do=Main');
+ Util::redirect('?do=main');
// Login credentials wrong - delay and show error message
sleep(1);
Message::addError('loginfail');
}
- if (Request::post('action') === 'logout') {
+ if ($action === 'logout') {
// Log user out (or do nothing if not logged in)
User::logout();
- Util::redirect('?do=Main');
+ Util::redirect('?do=main');
+ }
+ if ($action === 'changepw') {
+ if (!User::isLoggedIn()) {
+ Util::redirect('?do=main');
+ }
+ // Now check if the user supplied the corrent current password, and the new password twice
+ $old = Request::post('old', false, 'string');
+ $new = Request::post('newpass1', false, 'string');
+ if ($old === false || $new === false) {
+ Message::addError('main.empty-field');
+ Util::redirect('?do=session');
+ }
+ if (!User::testPassword(User::getId(), $old)) {
+ sleep(1);
+ Message::addError('wrong-password');
+ Util::redirect('?do=session');
+ }
+ if (strlen($new) < 4) {
+ Message::addError('pass-too-short');
+ Util::redirect('?do=session');
+ }
+ if ($new !== Request::post('newpass2', false, 'string')) {
+ Message::addError('adduser.password-mismatch');
+ Util::redirect('?do=session');
+ }
+ if (User::updatePassword($new)) {
+ Message::addSuccess('password-changed');
+ } else {
+ Message::addWarning('password-unchanged');
+ }
+ Util::redirect('?do=session');
}
-
- if (User::isLoggedIn())
- Util::redirect('?do=Main');
}
protected function doRender()
{
- Render::addTemplate('page-login');
+ if (User::isLoggedIn()) {
+ Render::addTemplate('change-password');
+ } else {
+ Render::addTemplate('page-login');
+ }
}
}
diff --git a/modules-available/session/style.css b/modules-available/session/style.css
new file mode 100644
index 00000000..f7800155
--- /dev/null
+++ b/modules-available/session/style.css
@@ -0,0 +1,43 @@
+.form-signin {
+ max-width: 330px;
+ padding: 15px;
+ margin: 0 auto;
+}
+
+.form-signin .form-signin-heading,
+.form-signin .checkbox {
+ margin-bottom: 10px;
+}
+
+.form-signin .checkbox {
+ font-weight: normal;
+}
+
+.form-signin .form-control {
+ position: relative;
+ font-size: 16px;
+ height: auto;
+ padding: 10px;
+ -webkit-box-sizing: border-box;
+ -moz-box-sizing: border-box;
+ box-sizing: border-box;
+}
+
+.form-signin input[type="text"],
+.form-signin input[type="password"] {
+ border-radius: 0;
+ margin-bottom: -1px;
+}
+
+.form-signin input[type="text"]:first-child,
+.form-signin input[type="password"]:first-child {
+ border-top-left-radius: 4px;
+ border-top-right-radius: 4px;
+}
+
+.form-signin input[type="text"]:last-child,
+.form-signin input[type="password"]:last-child {
+ margin-bottom: 10px;
+ border-bottom-left-radius: 4px;
+ border-bottom-right-radius: 4px;
+}
\ No newline at end of file
diff --git a/modules-available/session/templates/change-password.html b/modules-available/session/templates/change-password.html
new file mode 100644
index 00000000..70ab7b92
--- /dev/null
+++ b/modules-available/session/templates/change-password.html
@@ -0,0 +1,11 @@
+
\ No newline at end of file
diff --git a/modules-available/session/templates/page-login.html b/modules-available/session/templates/page-login.html
index 247e9a55..4be7232a 100644
--- a/modules-available/session/templates/page-login.html
+++ b/modules-available/session/templates/page-login.html
@@ -1,11 +1,10 @@
\ No newline at end of file
--
cgit v1.2.3-55-g7522