author | Harald Eilertsen <haraldei@anduin.net> | 2024-10-27 19:46:54 +0100 |
---|---|---|
committer | Harald Eilertsen <haraldei@anduin.net> | 2025-06-29 13:20:00 +0200 |
commit | 53634cc1f27e9ed0711b50f9e03745d2949efb14 (patch) | |
tree | 78cf5189763b88928ef00b134524946ee9d4ce76 | |
parent | 3036f6daebcf845f88f64a1eb7fa7eb79bfb652a (diff) | |
Module/Admin/Account_edit: Refactoring
-rw-r--r-- | Zotlabs/Module/Admin/Account_edit.php | 87 |
1 files changed, 53 insertions, 34 deletions
diff --git a/Zotlabs/Module/Admin/Account_edit.php b/Zotlabs/Module/Admin/Account_edit.php
index a628737a7..857fa6512 100644
--- a/Zotlabs/Module/Admin/Account_edit.php
+++ b/Zotlabs/Module/Admin/Account_edit.php
@@ -6,52 +6,28 @@ use Zotlabs\Model\Account;
 class Account_edit {
- function post() {
-
- // Validate CSRF token
- //
- // We terminate with a 403 Forbidden status if the check fails.
- check_form_security_token_ForbiddenOnErr('admin_account_edit', 'security');
-
- if (! isset($_POST['aid'])) {
- notice( t('No account specified.') . EOL );
- goaway(z_root() . '/admin/accounts');
- }
-
- $account_id = $_POST['aid'];
-
- if (! is_numeric($account_id)) {
- notice( t('Invalid account specified.') . EOL );
- goaway(z_root() . '/admin/accounts');
- }
+ /**
+ * Process form submission from the admin/account_edit page.
+ */
+ public function post(): void {
- $account = Account::get_by_id($account_id);
- if (! $account) {
- notice( t('Account does not exist.') . EOL );
- goaway(z_root() . '/admin/accounts');
- }
+ $this->validate_form();
 if (isset($_POST['pass1'], $_POST['pass2'])) {
- $pass1 = trim($_POST['pass1']);
- $pass2 = trim($_POST['pass2']);
-
- if ($pass1 && $pass2 && ($pass1 === $pass2)) {
- $account->set_password($pass1);
- info( sprintf( t('Password changed for account %d.'), $account_id). EOL);
- }
+ $this->update_account_password();
 }
 if (isset($_POST['service_class'])) {
- $account->set_service_class(trim($_POST['service_class']));
+ $this->account->set_service_class(trim($_POST['service_class']));
 }
- $account->set_level(5);
+ $this->account->set_level(5);
 if (isset($_POST['account_language'])) {
- $account->set_language(trim($_POST['account_language']));
+ $this->account->set_language(trim($_POST['account_language']));
 }
- $account->save();
+ $this->account->save();
 info( t('Account settings updated.') . EOL);
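Review bot: The `$this->update_account_password();` call in post() gives the administrator no feedback when the helper declines to act: the helper added further down in this commit only sets the password when both trimmed fields are non-empty and identical, so a mismatch falls through to `save()` and the 'Account settings updated.' message, and a password reset can appear to have succeeded when it did not. Reporting the mismatch inside the helper would close that gap, for example `elseif ($pass1 !== $pass2) { notice( t('Passwords do not match.') . EOL ); }`. The rest of post() also dereferences `$this->account` on the assumption that `validate_form()` never returns after a failed check, which holds only if `goaway()` ends the request (its definition is not shown here); one sentence in the docblock stating that dependency would help the next reader. post() continues past the end of this hunk.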
@@ -105,4 +81,47 @@ class Account_edit {
 );
 }
+ /**
+ * Validate that the form submission is valid.
+ *
+ * Checks the CSRF token, and rejects the request with a 403 Forbidden
+ * status if it fails.
+ *
+ * Will set a notice and redirect to the main accounts page
+ * if validation fails.
+ */
+ private function validate_form(): void {
+ // Validate CSRF token
+ //
+ // We terminate with a 403 Forbidden status if the check fails.
+ check_form_security_token_ForbiddenOnErr('admin_account_edit', 'security');
+
+ if (! isset($_POST['aid'])) {
+ notice( t('No account specified.') . EOL );
+ goaway(z_root() . '/admin/accounts');
+ }
+
+ $this->account_id = $_POST['aid'];
+
+ if (! is_numeric($this->account_id)) {
+ notice( t('Invalid account specified.') . EOL );
+ goaway(z_root() . '/admin/accounts');
+ }
+
+ $this->account = Account::get_by_id($this->account_id);
+ if (! $this->account) {
+ notice( t('Account does not exist.') . EOL );
+ goaway(z_root() . '/admin/accounts');
+ }
+ }
+
+ private function update_account_password(): void {
+ $pass1 = trim($_POST['pass1']);
+ $pass2 = trim($_POST['pass2']);
+
+ if ($pass1 && $pass2 && ($pass1 === $pass2)) {
+ $this->account->set_password($pass1);
+ info( sprintf( t('Password changed for account %d.'), $this->account_id). EOL);
+ }
+ }
 } |
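Review bot: `validate_form()` assigns `$this->account_id` and `$this->account`, but neither hunk adds a property declaration, and the first hunk shows `post()` directly after the class opening. Unless they are declared in lines outside the diff, these are dynamic properties, which PHP 8.2 deprecates and which are untyped and publicly writable. Declaring them, e.g. `private ?Account $account = null;` with a matching declaration for `$account_id`, keeps the validated state private to the module. Separately, `is_numeric()` also accepts values such as `1e3` or `1.5` for `aid`; `filter_var($_POST['aid'], FILTER_VALIDATE_INT)` would restrict it to an integer before it reaches `Account::get_by_id()`. `update_account_password()` has no docblock; one line noting that it reads `pass1`/`pass2` from `$_POST` and does nothing unless both are non-empty and equal would match the documentation on `validate_form()`.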