"User Preferences", "version" => "0.1", "author" => "Starbeamrainbowlabs", "description" => "Adds a user preferences page, letting pople do things like change their email address and password.", "id" => "feature-user-preferences", "code" => function() { global $settings; /** * @api {get} ?action=user-preferences Get a user preferences configuration page. * @apiName UserPreferences * @apiGroup Settings * @apiPermission User */ /* * ██ ██ ███████ ███████ ██████ * ██ ██ ██ ██ ██ ██ * ██ ██ ███████ █████ ██████ █████ * ██ ██ ██ ██ ██ ██ * ██████ ███████ ███████ ██ ██ * * ██████ ██████ ███████ ███████ ███████ * ██ ██ ██ ██ ██ ██ ██ * ██████ ██████ █████ █████ ███████ * ██ ██ ██ ██ ██ ██ * ██ ██ ██ ███████ ██ ███████ */ add_action("user-preferences", function() { global $env, $settings; if(!$env->is_logged_in) { exit(page_renderer::render_main("Error - $settings->sitename", "

Since you aren't logged in, you can't change your preferences. This is because stored preferences are tied to each registered user account. You can login here.

")); } $statusMessages = [ "change-password" => "Password changed successfully!" ]; $content = "

User Preferences

\n"; if(isset($_GET["success"]) && $_GET["success"] === "yes") { $content .= "

" . $statusMessages[$_GET["operation"]] . "

\n"; } $content .= "Username:\n"; $content .= "\n"; $content .= "

Change Password"; $content .= "
\n"; $content .= "Current Password:\n"; $content .= "\n"; $content .= "
\n"; $content .= "New Password:\n"; $content .= "\n"; $content .= "
\n"; $content .= "Confirm New Password:\n"; $content .= "\n"; $content .= "
\n"; $content .= "\n"; $content .= "
\n"; exit(page_renderer::render_main("User Preferences - $settings->sitename", $content)); }); /** * @api {post} ?action=change-password Change your password * @apiName ChangePassword * @apiGroup Settings * @apiPermission User * * @apiParam {string} current-pass Your current password. * @apiParam {string} new-pass Your new password. * @apiParam {string} new-pass-confirm Your new password again, to make sure you've typed it correctly. * * @apiError PasswordMismatchError The new password fields don't match. */ add_action("change-password", function() { global $env, $settings; // Make sure the new password was typed correctly // This comes before the current password check since that's more intensive if($_POST["new-pass"] !== $_POST["new-pass-confirm"]) { exit(page_renderer::render_main("Password mismatch - $settings->sitename", "
The new password you typed twice didn't match! Go back.
")); } // Check the current password if(hash_password($_POST["current-pass"]) !== $env->user_data->password) { exit(page_renderer::render_main("Password mismatch - $settings->sitename", "
Error: You typed your current password incorrectly! Go back.
")); } // All's good! Go ahead and change the password. $env->user_data->password = hash_password($_POST["new-pass"]); // Save the userdata back to disk save_userdata(); http_response_code(307); header("location: ?action=user-preferences&success=yes&operation=change-password"); exit(page_renderer::render_main("Password Changed Successfully", "
You password was changed successfully. Go back to the user preferences page.
")); }); add_help_section("910-user-preferences", "User Preferences", "
(help text coming soon)
"); } ]); ?>