mirror of
https://github.com/sbrl/Pepperminty-Wiki.git
synced 2024-11-26 05:32:59 +00:00
Bugfix: Make password chainging work.
This commit is contained in:
parent
7868028f2c
commit
fafaf397e9
3 changed files with 37 additions and 11 deletions
|
@ -3810,14 +3810,22 @@ register_module([
|
||||||
* ██ ██ ██ ███████ ██ ███████
|
* ██ ██ ██ ███████ ██ ███████
|
||||||
*/
|
*/
|
||||||
add_action("user-preferences", function() {
|
add_action("user-preferences", function() {
|
||||||
global $env;
|
global $env, $settings;
|
||||||
|
|
||||||
if(!$env->is_logged_in)
|
if(!$env->is_logged_in)
|
||||||
{
|
{
|
||||||
exit(page_renderer::render_main("Error - $settings->sitename", "<p>Since you aren't logged in, you can't change your preferences. This is because stored preferences are tied to each registered user account. You can login <a href='?action=login&returnto=" . rawurlencode("?action=user-preferences") . "'>here</a>.</p>"));
|
exit(page_renderer::render_main("Error - $settings->sitename", "<p>Since you aren't logged in, you can't change your preferences. This is because stored preferences are tied to each registered user account. You can login <a href='?action=login&returnto=" . rawurlencode("?action=user-preferences") . "'>here</a>.</p>"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$statusMessages = [
|
||||||
|
"change-password" => "Password changed successfully!"
|
||||||
|
];
|
||||||
|
|
||||||
$content = "<h2>User Preferences</h2>\n";
|
$content = "<h2>User Preferences</h2>\n";
|
||||||
|
if(isset($_GET["success"]) && $_GET["success"] === "yes")
|
||||||
|
{
|
||||||
|
$content .= "<p class='user-prefs-status-message'><em>" . $statusMessages[$_GET["operation"]] . "</em></p>\n";
|
||||||
|
}
|
||||||
$content .= "<label for='username'>Username:</label>\n";
|
$content .= "<label for='username'>Username:</label>\n";
|
||||||
$content .= "<input type='text' name='username' value='$env->user' readonly />\n";
|
$content .= "<input type='text' name='username' value='$env->user' readonly />\n";
|
||||||
$content .= "<h3>Change Password</h3\n>";
|
$content .= "<h3>Change Password</h3\n>";
|
||||||
|
@ -3838,21 +3846,26 @@ register_module([
|
||||||
});
|
});
|
||||||
|
|
||||||
add_action("change-password", function() {
|
add_action("change-password", function() {
|
||||||
global $env;
|
global $env, $settings;
|
||||||
|
|
||||||
// Make sure the new password was typed correctly
|
// Make sure the new password was typed correctly
|
||||||
// This comes before the current password check since that's more intensive
|
// This comes before the current password check since that's more intensive
|
||||||
if($_POST["new-pass"] !== $_POST["new-pass-confirm"]) {
|
if($_POST["new-pass"] !== $_POST["new-pass-confirm"]) {
|
||||||
exit(page_renderer::render_main("Password mismatch - $settings->sitename", "<p>The new password you typed twice didn't match. <a href='javascript:history.back();'>Go back</a>.</p>"));
|
exit(page_renderer::render_main("Password mismatch - $settings->sitename", "<p>The new password you typed twice didn't match! <a href='javascript:history.back();'>Go back</a>.</p>"));
|
||||||
}
|
}
|
||||||
// Check the current password
|
// Check the current password
|
||||||
if(hash_password($_POST["current-pass"]) !== $env->user_data->password) {
|
if(hash_password($_POST["current-pass"]) !== $env->user_data->password) {
|
||||||
exit(page_renderer::render_main("Password mismatch - $settings->sitename", "<p>Error: You typed your current password incorrectly. <a href='javascript:history.back();'>Go back</a>.</p>"));
|
exit(page_renderer::render_main("Password mismatch - $settings->sitename", "<p>Error: You typed your current password incorrectly! <a href='javascript:history.back();'>Go back</a>.</p>"));
|
||||||
}
|
}
|
||||||
|
|
||||||
// All's good! Go ahead and change the password.
|
// All's good! Go ahead and change the password.
|
||||||
$env->user_data->password = hash_password($_POST["current-pass"]);
|
$env->user_data->password = hash_password($_POST["new-pass"]);
|
||||||
// Save the userdata back to disk
|
// Save the userdata back to disk
|
||||||
save_userdata();
|
save_userdata();
|
||||||
|
|
||||||
|
http_response_code(307);
|
||||||
|
header("location: ?action=user-preferences&success=yes&operation=change-password");
|
||||||
|
exit(page_renderer::render_main("Password Changed Successfully", "<p>You password was changed successfully. <a href='?action=user-preferences'>Go back to the user preferences page</a>.</p>"));
|
||||||
});
|
});
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -104,7 +104,7 @@
|
||||||
"author": "Starbeamrainbowlabs",
|
"author": "Starbeamrainbowlabs",
|
||||||
"description": "Adds a user preferences page, letting pople do things like change their email address and password.",
|
"description": "Adds a user preferences page, letting pople do things like change their email address and password.",
|
||||||
"id": "feature-user-preferences",
|
"id": "feature-user-preferences",
|
||||||
"lastupdate": 1482357790,
|
"lastupdate": 1482516311,
|
||||||
"optional": false
|
"optional": false
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|
|
@ -28,14 +28,22 @@ register_module([
|
||||||
* ██ ██ ██ ███████ ██ ███████
|
* ██ ██ ██ ███████ ██ ███████
|
||||||
*/
|
*/
|
||||||
add_action("user-preferences", function() {
|
add_action("user-preferences", function() {
|
||||||
global $env;
|
global $env, $settings;
|
||||||
|
|
||||||
if(!$env->is_logged_in)
|
if(!$env->is_logged_in)
|
||||||
{
|
{
|
||||||
exit(page_renderer::render_main("Error - $settings->sitename", "<p>Since you aren't logged in, you can't change your preferences. This is because stored preferences are tied to each registered user account. You can login <a href='?action=login&returnto=" . rawurlencode("?action=user-preferences") . "'>here</a>.</p>"));
|
exit(page_renderer::render_main("Error - $settings->sitename", "<p>Since you aren't logged in, you can't change your preferences. This is because stored preferences are tied to each registered user account. You can login <a href='?action=login&returnto=" . rawurlencode("?action=user-preferences") . "'>here</a>.</p>"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$statusMessages = [
|
||||||
|
"change-password" => "Password changed successfully!"
|
||||||
|
];
|
||||||
|
|
||||||
$content = "<h2>User Preferences</h2>\n";
|
$content = "<h2>User Preferences</h2>\n";
|
||||||
|
if(isset($_GET["success"]) && $_GET["success"] === "yes")
|
||||||
|
{
|
||||||
|
$content .= "<p class='user-prefs-status-message'><em>" . $statusMessages[$_GET["operation"]] . "</em></p>\n";
|
||||||
|
}
|
||||||
$content .= "<label for='username'>Username:</label>\n";
|
$content .= "<label for='username'>Username:</label>\n";
|
||||||
$content .= "<input type='text' name='username' value='$env->user' readonly />\n";
|
$content .= "<input type='text' name='username' value='$env->user' readonly />\n";
|
||||||
$content .= "<h3>Change Password</h3\n>";
|
$content .= "<h3>Change Password</h3\n>";
|
||||||
|
@ -56,21 +64,26 @@ register_module([
|
||||||
});
|
});
|
||||||
|
|
||||||
add_action("change-password", function() {
|
add_action("change-password", function() {
|
||||||
global $env;
|
global $env, $settings;
|
||||||
|
|
||||||
// Make sure the new password was typed correctly
|
// Make sure the new password was typed correctly
|
||||||
// This comes before the current password check since that's more intensive
|
// This comes before the current password check since that's more intensive
|
||||||
if($_POST["new-pass"] !== $_POST["new-pass-confirm"]) {
|
if($_POST["new-pass"] !== $_POST["new-pass-confirm"]) {
|
||||||
exit(page_renderer::render_main("Password mismatch - $settings->sitename", "<p>The new password you typed twice didn't match. <a href='javascript:history.back();'>Go back</a>.</p>"));
|
exit(page_renderer::render_main("Password mismatch - $settings->sitename", "<p>The new password you typed twice didn't match! <a href='javascript:history.back();'>Go back</a>.</p>"));
|
||||||
}
|
}
|
||||||
// Check the current password
|
// Check the current password
|
||||||
if(hash_password($_POST["current-pass"]) !== $env->user_data->password) {
|
if(hash_password($_POST["current-pass"]) !== $env->user_data->password) {
|
||||||
exit(page_renderer::render_main("Password mismatch - $settings->sitename", "<p>Error: You typed your current password incorrectly. <a href='javascript:history.back();'>Go back</a>.</p>"));
|
exit(page_renderer::render_main("Password mismatch - $settings->sitename", "<p>Error: You typed your current password incorrectly! <a href='javascript:history.back();'>Go back</a>.</p>"));
|
||||||
}
|
}
|
||||||
|
|
||||||
// All's good! Go ahead and change the password.
|
// All's good! Go ahead and change the password.
|
||||||
$env->user_data->password = hash_password($_POST["current-pass"]);
|
$env->user_data->password = hash_password($_POST["new-pass"]);
|
||||||
// Save the userdata back to disk
|
// Save the userdata back to disk
|
||||||
save_userdata();
|
save_userdata();
|
||||||
|
|
||||||
|
http_response_code(307);
|
||||||
|
header("location: ?action=user-preferences&success=yes&operation=change-password");
|
||||||
|
exit(page_renderer::render_main("Password Changed Successfully", "<p>You password was changed successfully. <a href='?action=user-preferences'>Go back to the user preferences page</a>.</p>"));
|
||||||
});
|
});
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
Loading…
Reference in a new issue