summaryrefslogtreecommitdiff
path: root/actions/profilesettings.php
diff options
context:
space:
mode:
Diffstat (limited to 'actions/profilesettings.php')
-rw-r--r--actions/profilesettings.php83
1 files changed, 78 insertions, 5 deletions
diff --git a/actions/profilesettings.php b/actions/profilesettings.php
index f34101ba9..0474c6937 100644
--- a/actions/profilesettings.php
+++ b/actions/profilesettings.php
@@ -31,7 +31,10 @@ class ProfilesettingsAction extends SettingsAction {
function show_form($msg=NULL, $success=false) {
$this->form_header(_('Profile settings'), $msg, $success);
$this->show_settings_form();
+ common_element('h2', NULL, _('Avatar'));
$this->show_avatar_form();
+ common_element('h2', NULL, _('Change password'));
+ $this->show_password_form();
common_show_footer();
}
@@ -49,6 +52,8 @@ class ProfilesettingsAction extends SettingsAction {
$this->save_profile();
} else if ($this->arg('upload')) {
$this->upload_avatar();
+ } else if ($this->arg('changepass')) {
+ $this->change_password();
}
}
@@ -110,14 +115,11 @@ class ProfilesettingsAction extends SettingsAction {
common_element_start('form', array('enctype' => 'multipart/form-data',
'method' => 'POST',
- 'id' => 'profilesettings',
+ 'id' => 'avatar',
'action' =>
common_local_url('profilesettings')));
common_hidden('token', common_session_token());
- common_element_start('p');
- common_element('label', array('for' => 'avatar'), 'Avatar');
-
if ($original) {
common_element('img', array('src' => $original->url,
'class' => 'avatar original',
@@ -136,20 +138,47 @@ class ProfilesettingsAction extends SettingsAction {
'alt' => $user->nickname));
}
- common_element_end('p');
common_element('input', array('name' => 'MAX_FILE_SIZE',
'type' => 'hidden',
'id' => 'MAX_FILE_SIZE',
'value' => MAX_AVATAR_SIZE));
+
+ common_element_start('p');
+
+
common_element('input', array('name' => 'avatarfile',
'type' => 'file',
'id' => 'avatarfile'));
+ common_element_end('p');
+
common_submit('upload', _('Upload'));
common_element_end('form');
}
+ function show_password_form() {
+
+ $user = common_current_user();
+ common_element_start('form', array('method' => 'POST',
+ 'id' => 'password',
+ 'action' =>
+ common_local_url('profilesettings')));
+
+ common_hidden('token', common_session_token());
+
+ # Users who logged in with OpenID won't have a pwd
+ if ($user->password) {
+ common_password('oldpassword', _('Old password'));
+ }
+ common_password('newpassword', _('New password'),
+ _('6 or more characters'));
+ common_password('confirm', _('Confirm'),
+ _('same as password above'));
+ common_submit('changepass', _('Change'));
+ common_element_end('form');
+ }
+
function save_profile() {
$nickname = $this->trimmed('nickname');
$fullname = $this->trimmed('fullname');
@@ -329,4 +358,48 @@ class ProfilesettingsAction extends SettingsAction {
return $other->id != $user->id;
}
}
+
+ function change_password() {
+
+ $user = common_current_user();
+ assert(!is_null($user)); # should already be checked
+
+ # FIXME: scrub input
+
+ $newpassword = $this->arg('newpassword');
+ $confirm = $this->arg('confirm');
+ $token = $this->arg('token');
+
+ if (0 != strcmp($newpassword, $confirm)) {
+ $this->show_form(_('Passwords don\'t match.'));
+ return;
+ }
+
+ if ($user->password) {
+ $oldpassword = $this->arg('oldpassword');
+
+ if (!common_check_user($user->nickname, $oldpassword)) {
+ $this->show_form(_('Incorrect old password'));
+ return;
+ }
+ }
+
+ $original = clone($user);
+
+ $user->password = common_munge_password($newpassword, $user->id);
+
+ $val = $user->validate();
+ if ($val !== TRUE) {
+ $this->show_form(_('Error saving user; invalid.'));
+ return;
+ }
+
+ if (!$user->update($original)) {
+ common_server_error(_('Can\'t save new password.'));
+ return;
+ }
+
+ $this->show_form(_('Password saved.'), true);
+ }
+
}