From 828cdbf49f52572e93c5c5a48e05277525a4055f Mon Sep 17 00:00:00 2001 From: Jeremy Tan Date: Mon, 28 Oct 2013 20:59:13 +0800 Subject: [PATCH] Nicen the rego form and add back the change password form --- .../MCTXWeb/public_html/users/left-nav.php | 1 + testing/MCTXWeb/public_html/users/login.php | 3 +- .../public_html/users/models/funcs.php | 7 +- .../MCTXWeb/public_html/users/register.php | 39 ++-- .../public_html/users/user_change_details.php | 169 ++++++++++++++++++ 5 files changed, 189 insertions(+), 30 deletions(-) create mode 100644 testing/MCTXWeb/public_html/users/user_change_details.php diff --git a/testing/MCTXWeb/public_html/users/left-nav.php b/testing/MCTXWeb/public_html/users/left-nav.php index bb56d73..addc4c4 100644 --- a/testing/MCTXWeb/public_html/users/left-nav.php +++ b/testing/MCTXWeb/public_html/users/left-nav.php @@ -22,6 +22,7 @@ if ($loggedInUser->checkPermission(array(2))){
  • Upload new users
  • Manage visible pages
  • Manage site details
  • +
  • Change your password
  • diff --git a/testing/MCTXWeb/public_html/users/login.php b/testing/MCTXWeb/public_html/users/login.php index 257fa4d..95b22a4 100644 --- a/testing/MCTXWeb/public_html/users/login.php +++ b/testing/MCTXWeb/public_html/users/login.php @@ -116,7 +116,8 @@ echo '

    - Forgotten password? + Forgotten password?
    + Register

    diff --git a/testing/MCTXWeb/public_html/users/models/funcs.php b/testing/MCTXWeb/public_html/users/models/funcs.php index 9eb69b8..a3a9928 100644 --- a/testing/MCTXWeb/public_html/users/models/funcs.php +++ b/testing/MCTXWeb/public_html/users/models/funcs.php @@ -165,14 +165,11 @@ function resultBlock($errors,$successes){ //Success block if(count($successes) > 0) { - echo "

    - [X] - "; echo "
    "; } } diff --git a/testing/MCTXWeb/public_html/users/register.php b/testing/MCTXWeb/public_html/users/register.php index 32f1ae1..8a0d6e6 100644 --- a/testing/MCTXWeb/public_html/users/register.php +++ b/testing/MCTXWeb/public_html/users/register.php @@ -40,9 +40,9 @@ if(!empty($_POST)) if(!ctype_alnum($displayname)){ $errors[] = lang("ACCOUNT_DISPLAY_INVALID_CHARACTERS"); } - if(minMaxRange(8,50,$password) && minMaxRange(8,50,$confirm_pass)) + if(minMaxRange(6,50,$password) && minMaxRange(6,50,$confirm_pass)) { - $errors[] = lang("ACCOUNT_PASS_CHAR_LIMIT",array(8,50)); + $errors[] = lang("ACCOUNT_PASS_CHAR_LIMIT",array(6,50)); } else if($password != $confirm_pass) { @@ -81,25 +81,13 @@ if(!empty($_POST)) } require_once("models/header.php"); -echo " - -
    -
    -
    -

    UserCake

    -

    Register

    +startPage(); -
    "; -include("left-nav.php"); echo " -
    - -
    "; - -echo resultBlock($errors,$successes); +
    User registration
    "; echo " -
    +

    @@ -122,23 +110,26 @@ echo "

    +

    +

    -
    -
    -
    -
    - -"; +
    "; + +finishPage(); ?> diff --git a/testing/MCTXWeb/public_html/users/user_change_details.php b/testing/MCTXWeb/public_html/users/user_change_details.php new file mode 100644 index 0000000..16c4532 --- /dev/null +++ b/testing/MCTXWeb/public_html/users/user_change_details.php @@ -0,0 +1,169 @@ +email = $userdetails["email"]; + $loggedInUser->user_id = $userdetails["id"]; + $loggedInUser->hash_pw = $userdetails["password"]; + $loggedInUser->title = $userdetails["title"]; + $loggedInUser->displayname = $userdetails["display_name"]; + $loggedInUser->username = $userdetails["user_name"]; + + if(trim($password_new) == "") + { + $errors[] = lang("ACCOUNT_SPECIFY_NEW_PASSWORD"); + } + else if(trim($password_confirm) == "") + { + $errors[] = lang("ACCOUNT_SPECIFY_CONFIRM_PASSWORD"); + } + else if(minMaxRange(6,50,$password_new)) + { + $errors[] = lang("ACCOUNT_NEW_PASSWORD_LENGTH",array(6,50)); + } + else if($password_new != $password_confirm) + { + $errors[] = lang("ACCOUNT_PASS_MISMATCH"); + } + + //End data validation + if(count($errors) == 0) + { + //Also prevent updating if someone attempts to update with the same password + $entered_pass_new = generateHash($password_new,$loggedInUser->hash_pw); + + if($entered_pass_new == $loggedInUser->hash_pw) + { + //Don't update, this fool is trying to update with the same password ¬¬ + $errors[] = lang("ACCOUNT_PASSWORD_NOTHING_TO_UPDATE"); + } + else + { + //This function will create the new hash and update the hash_pw property. + $loggedInUser->updatePassword($password_new); + $successes[] = lang("ACCOUNT_PASSWORD_UPDATED"); + } + } + } + } + } + } +} + +if (isUserLoggedIn()) +{ + //If not admin, log them out after pw change + if (!$loggedInUser->checkPermission(array(2))) + { + $loggedInUser->userLogOut(); + } +} + +require_once("models/header.php"); +startPage(); + +echo ' +
    +
    +
    Change of password
    +
    +

    + +

    +

    + +

    +

    + +

    +

    + +

    +

    + Forgotten password? +

    +

    + +

    +
    '; + +echo resultBlock($errors,$successes); +echo ' +
    +
    + '; + +finishPage(); + +?> -- 2.20.1