Commit bcf4fb18 authored by tobyink's avatar tobyink

Password changes

parent 7a412213
......@@ -35,6 +35,7 @@ class User {
public $name, $email, $fullname, $bio, $location, $homepage, $error, $userlevel;
public $id, $acctid, $avatar_uri, $location_uri, $webid_uri;
public $password;
/**
* User constructor
......@@ -54,6 +55,7 @@ class User {
$row = $res->fetchRow(MDB2_FETCHMODE_ASSOC);
$this->name = $row['username'];
$this->password = $row['password'];
$this->email = $row['email'];
$this->fullname = $row['fullname'];
$this->homepage = $row['homepage'];
......@@ -88,6 +90,7 @@ class User {
$q = sprintf("UPDATE Users SET "
. "email=%s, " # Send a confirmation email first??
. "password=%s, "
. "fullname=%s, "
. "homepage=%s, "
. "bio=%s, "
......@@ -98,6 +101,7 @@ class User {
. "avatar_uri=%s "
. "WHERE username=%s"
, $mdb2->quote($this->email, 'text')
, $mdb2->quote($this->password, 'text')
, $mdb2->quote($this->fullname, 'text')
, $mdb2->quote($this->homepage, 'text')
, $mdb2->quote($this->bio, 'text')
......
......@@ -69,6 +69,14 @@ if ($_POST['submit'])
$errors[] = "Avatar must be a URI. Valid URIs cannot contain whitespace.";
}
if (!empty($_POST['password_1']))
{
if ($_POST['password_1'] != $_POST['password_2'])
$errors[] = "Passwords do not match.";
if (strlen($_POST['password_1']) > 32)
$errors[] = "Password is too long. (32 char limit.)";
}
if (!empty($_POST['location_uri']))
{
# Currently only allow geonames URIs, but there's no reason we can't accept
......@@ -89,6 +97,9 @@ if ($_POST['submit'])
$user->location_uri = $_POST['location_uri'];
$user->avatar_uri = $_POST['avatar_uri'];
if (!empty( $_POST['password_1'] ))
$user->password = $_POST['password_1'];
$user->save();
header("Location: " . $base_url . "/user/" . $user->name);
......
......@@ -49,6 +49,15 @@
</td>
<td><a href="#dfn_id" rel="glossary">What's this?</a></td>
</tr>
<tr>
<th align="right" valign="top"><label for="password_1">Password:</label></th>
<td><input name="password_1" id="password_1" type="password" value="" /></td>
<td rowspan="2">Leave this blank if you don't want to change your password.</td>
</tr>
<tr>
<th align="right" valign="top"><label for="password_2">Confirm Password:</label></th>
<td><input name="password_2" id="password_2" type="password" value="" /></td>
</tr>
<tr>
<td colspan="3" align="center">
<input type="submit" value="Change" />
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment