gnu-social/actions/password.php

<?php
/* 
 * Laconica - a distributed open-source microblogging tool
 * Copyright (C) 2008, Controlez-Vous, Inc.
 * 
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 * 
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

if (!defined('LACONICA')) { exit(1); }

class PasswordAction extends SettingsAction {
	
	function show_form($msg=NULL, $success=false) {
		common_show_header(_t('Change password'));
		$this->settings_menu();
		$this->message($msg, $success);
		common_element_start('form', array('method' => 'POST',
										   'id' => 'password',
										   'action' => 
										   common_local_url('password')));
		common_password('oldpassword', _t('Old password'));
		common_password('newpassword', _t('New password'));
		common_password('confirm', _t('Confirm'));
		common_element('input', array('name' => 'submit',
									  'type' => 'submit',
									  'id' => 'submit'),
					   _t('Login'));
		common_element('input', array('name' => 'cancel',
									  'type' => 'button',
									  'id' => 'cancel'),
					   _t('Cancel'));
		common_element_end('form');
	}
	
	function handle_post() {

		$user = common_current_user();
		assert(!is_null($user)); # should already be checked
		
		# FIXME: scrub input

		$oldpassword = $this->arg('oldpassword');
		$newpassword = $this->arg('newpassword');
		$confirm = $this->arg('confirm');
		
		if (0 != strcmp($newpassword, $confirm)) {
			$this->show_form(_t('Passwords don\'t match'));
			return;
		}

		if (!common_check_user($user->nickname, $oldpassword)) {
			$this->show_form(_t('Incorrect old password'));
			return;
		}
		
		$user->password = common_munge_password($newpassword, $user->id);
		
		if (!$user->update()) {
			common_server_error(_t('Can\'t save new password.'));
			return;
		}
		
		$this->show_form(_t('Password saved'), true);
	}
}
settings and avatars Did considerable work on the settings section. Redesigned the DB to allow avatars. Each avatar image has a size and an URL. There can be multiple avatars per profile, just different sizes. Added accessors in Profile for avatar. Show the avatar in lots of places, where it makes sense. Constants for avatar sizes in common.php. darcs-hash:20080515162844-84dde-fe0630366e247c02ca8ca9d1cc6b963cfce57a26.gz 2008-05-16 01:28:44 +09:00			`<?php`
			`/*`
			`* Laconica - a distributed open-source microblogging tool`
			`* Copyright (C) 2008, Controlez-Vous, Inc.`
			`*`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License as published by`
			`* the Free Software Foundation, either version 3 of the License, or`
			`* (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <http://www.gnu.org/licenses/>.`
			`*/`

fixes to make it all lint Ran everything through php -l, found out that it didn't compile. So: fixed the am-I-running-in-Laconica check at the top of each file. Some syntax fixes in shownotice, showstream, common. darcs-hash:20080517154701-84dde-8d38da89c5b9cb3b40704adb04a4de880c204181.gz 2008-05-18 00:47:01 +09:00			`if (!defined('LACONICA')) { exit(1); }`
settings and avatars Did considerable work on the settings section. Redesigned the DB to allow avatars. Each avatar image has a size and an URL. There can be multiple avatars per profile, just different sizes. Added accessors in Profile for avatar. Show the avatar in lots of places, where it makes sense. Constants for avatar sizes in common.php. darcs-hash:20080515162844-84dde-fe0630366e247c02ca8ca9d1cc6b963cfce57a26.gz 2008-05-16 01:28:44 +09:00
			`class PasswordAction extends SettingsAction {`

			`function show_form($msg=NULL, $success=false) {`
			`common_show_header(_t('Change password'));`
			`$this->settings_menu();`
upload and change avatars code to upload and change avatars. combined some code in the settings area, too. darcs-hash:20080517122045-84dde-8e13994e627805f29679c9533c2f62db81dc0925.gz 2008-05-17 21:20:45 +09:00			`$this->message($msg, $success);`
common_start_element -> common_element_start darcs-hash:20080517170430-84dde-74f42b52695699f646b65b939f78fbbe95a05c7e.gz 2008-05-18 02:04:30 +09:00			`common_element_start('form', array('method' => 'POST',`
settings and avatars Did considerable work on the settings section. Redesigned the DB to allow avatars. Each avatar image has a size and an URL. There can be multiple avatars per profile, just different sizes. Added accessors in Profile for avatar. Show the avatar in lots of places, where it makes sense. Constants for avatar sizes in common.php. darcs-hash:20080515162844-84dde-fe0630366e247c02ca8ca9d1cc6b963cfce57a26.gz 2008-05-16 01:28:44 +09:00			`'id' => 'password',`
			`'action' =>`
			`common_local_url('password')));`
			`common_password('oldpassword', _t('Old password'));`
			`common_password('newpassword', _t('New password'));`
			`common_password('confirm', _t('Confirm'));`
			`common_element('input', array('name' => 'submit',`
			`'type' => 'submit',`
			`'id' => 'submit'),`
			`_t('Login'));`
			`common_element('input', array('name' => 'cancel',`
			`'type' => 'button',`
			`'id' => 'cancel'),`
			`_t('Cancel'));`
common_start_element -> common_element_start darcs-hash:20080517170430-84dde-74f42b52695699f646b65b939f78fbbe95a05c7e.gz 2008-05-18 02:04:30 +09:00			`common_element_end('form');`
settings and avatars Did considerable work on the settings section. Redesigned the DB to allow avatars. Each avatar image has a size and an URL. There can be multiple avatars per profile, just different sizes. Added accessors in Profile for avatar. Show the avatar in lots of places, where it makes sense. Constants for avatar sizes in common.php. darcs-hash:20080515162844-84dde-fe0630366e247c02ca8ca9d1cc6b963cfce57a26.gz 2008-05-16 01:28:44 +09:00			`}`

			`function handle_post() {`

			`$user = common_current_user();`
			`assert(!is_null($user)); # should already be checked`

			`# FIXME: scrub input`

			`$oldpassword = $this->arg('oldpassword');`
			`$newpassword = $this->arg('newpassword');`
			`$confirm = $this->arg('confirm');`

			`if (0 != strcmp($newpassword, $confirm)) {`
			`$this->show_form(_t('Passwords don\'t match'));`
			`return;`
			`}`

			`if (!common_check_user($user->nickname, $oldpassword)) {`
			`$this->show_form(_t('Incorrect old password'));`
			`return;`
			`}`

			`$user->password = common_munge_password($newpassword, $user->id);`

			`if (!$user->update()) {`
			`common_server_error(_t('Can\'t save new password.'));`
			`return;`
			`}`

			`$this->show_form(_t('Password saved'), true);`
			`}`
			`}`