gnu-social/actions/password.php
Evan Prodromou fac522f4d7 settings and avatars
Did considerable work on the settings section.

Redesigned the DB to allow avatars. Each avatar image has a size and
an URL. There can be multiple avatars per profile, just different sizes.

Added accessors in Profile for avatar. Show the avatar in lots of
places, where it makes sense. Constants for avatar sizes in common.php.

darcs-hash:20080515162844-84dde-fe0630366e247c02ca8ca9d1cc6b963cfce57a26.gz
2008-05-15 12:28:44 -04:00

91 lines
2.6 KiB
PHP

<?php
/*
* Laconica - a distributed open-source microblogging tool
* Copyright (C) 2008, Controlez-Vous, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
if (!defined('LACONICA')) { exit(1) }
class PasswordAction extends SettingsAction {
function handle($args) {
parent::handle($args);
if (!common_logged_in()) {
common_user_error(_t('Not logged in.'));
return;
}
if ($this->arg('METHOD') == 'POST') {
$this->handle_post();
} else {
$this->show_form();
}
}
function show_form($msg=NULL, $success=false) {
common_show_header(_t('Change password'));
$this->settings_menu();
if ($msg) {
common_element('div', ($success) ? 'success' : 'error',
$msg);
}
common_start_element('form', array('method' => 'POST',
'id' => 'password',
'action' =>
common_local_url('password')));
common_password('oldpassword', _t('Old password'));
common_password('newpassword', _t('New password'));
common_password('confirm', _t('Confirm'));
common_element('input', array('name' => 'submit',
'type' => 'submit',
'id' => 'submit'),
_t('Login'));
common_element('input', array('name' => 'cancel',
'type' => 'button',
'id' => 'cancel'),
_t('Cancel'));
}
function handle_post() {
$user = common_current_user();
assert(!is_null($user)); # should already be checked
# FIXME: scrub input
$oldpassword = $this->arg('oldpassword');
$newpassword = $this->arg('newpassword');
$confirm = $this->arg('confirm');
if (0 != strcmp($newpassword, $confirm)) {
$this->show_form(_t('Passwords don\'t match'));
return;
}
if (!common_check_user($user->nickname, $oldpassword)) {
$this->show_form(_t('Incorrect old password'));
return;
}
$user->password = common_munge_password($newpassword, $user->id);
if (!$user->update()) {
common_server_error(_t('Can\'t save new password.'));
return;
}
$this->show_form(_t('Password saved'), true);
}
}