aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Zotlabs/Module/Settings/Account.php57
-rw-r--r--include/auth.php1
-rw-r--r--view/tpl/settings_account.tpl3
3 files changed, 33 insertions, 28 deletions
diff --git a/Zotlabs/Module/Settings/Account.php b/Zotlabs/Module/Settings/Account.php
index 97cc9389a..5e1fb176e 100644
--- a/Zotlabs/Module/Settings/Account.php
+++ b/Zotlabs/Module/Settings/Account.php
@@ -6,11 +6,11 @@ class Account {
function post() {
check_form_security_token_redirectOnErr('/settings/account', 'settings_account');
-
+
call_hooks('account_settings_post', $_POST);
-
+
$errs = array();
-
+
$email = ((x($_POST,'email')) ? trim(notags($_POST['email'])) : '');
$account = \App::get_account();
@@ -34,38 +34,38 @@ class Account {
}
}
}
-
+
if($errs) {
foreach($errs as $err)
notice($err . EOL);
$errs = array();
}
-
-
+
+
if((x($_POST,'npassword')) || (x($_POST,'confirm'))) {
-
+
$origpass = trim($_POST['origpass']);
-
+
require_once('include/auth.php');
if(! account_verify_password($email,$origpass)) {
$errs[] = t('Password verification failed.');
}
-
+
$newpass = trim($_POST['npassword']);
$confirm = trim($_POST['confirm']);
-
+
if($newpass != $confirm ) {
$errs[] = t('Passwords do not match. Password unchanged.');
}
-
+
if((! x($newpass)) || (! x($confirm))) {
$errs[] = t('Empty passwords are not allowed. Password unchanged.');
}
-
+
if(! $errs) {
$salt = random_string(32);
$password_encoded = hash('whirlpool', $salt . $newpass);
- $r = q("update account set account_salt = '%s', account_password = '%s', account_password_changed = '%s'
+ $r = q("update account set account_salt = '%s', account_password = '%s', account_password_changed = '%s'
where account_id = %d",
dbesc($salt),
dbesc($password_encoded),
@@ -78,36 +78,37 @@ class Account {
$errs[] = t('Password update failed. Please try again.');
}
}
-
-
+
+
if($errs) {
foreach($errs as $err)
notice($err . EOL);
}
goaway(z_root() . '/settings/account' );
}
-
-
+
+
function get() {
$account_settings = "";
-
+
call_hooks('account_settings', $account_settings);
-
+
$email = \App::$account['account_email'];
- $attremail = (!strpos($email, '@')) ? 'disabled="disabled"' : '';
+ $attremail = ((!strpos($email, '@')) ? 'disabled="disabled"' : '');
$tpl = get_markup_template("settings_account.tpl");
$o .= replace_macros($tpl, array(
'$form_security_token' => get_form_security_token("settings_account"),
- '$title' => t('Account Settings'),
- '$origpass' => array('origpass', t('Current Password'), ' ',''),
- '$password1'=> array('npassword', t('Enter New Password'), '', ''),
- '$password2'=> array('confirm', t('Confirm New Password'), '', t('Leave password fields blank unless changing')),
- '$submit' => t('Submit'),
- '$email' => array('email', t('DId2 or Email Address:'), $email, '', '', $attremail),
- '$removeme' => t('Remove Account'),
- '$removeaccount' => t('Remove this account including all its channels'),
+ '$title' => t('Account Settings'),
+ '$origpass' => array('origpass', t('Current Password'), ' ',''),
+ '$password1' => array('npassword', t('Enter New Password'), '', ''),
+ '$password2' => array('confirm', t('Confirm New Password'), '', t('Leave password fields blank unless changing')),
+ '$submit' => t('Submit'),
+ '$email' => array('email', t('DId2 or Email Address:'), $email, '', '', $attremail),
+ '$email_hidden' => (($attremail) ? $email : ''),
+ '$removeme' => t('Remove Account'),
+ '$removeaccount' => t('Remove this account including all its channels'),
'$account_settings' => $account_settings
));
return $o;
diff --git a/include/auth.php b/include/auth.php
index 8f0b137be..125aedffd 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -112,6 +112,7 @@ function account_verify_password($login, $pass) {
}
if($channel) {
+
// Try the authentication plugin again since weve determined we are using the channel login instead of account login
$addon_auth = [
'username' => $account['account_email'],
diff --git a/view/tpl/settings_account.tpl b/view/tpl/settings_account.tpl
index c81f1abbb..2b942d694 100644
--- a/view/tpl/settings_account.tpl
+++ b/view/tpl/settings_account.tpl
@@ -8,6 +8,9 @@
<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
<div class="section-content-tools-wrapper">
{{include file="field_input.tpl" field=$email}}
+ {{if $email_hidden}}
+ <input type='hidden' name='email' value='{{$email_hidden}}'>
+ {{/if}}
{{include file="field_password.tpl" field=$origpass}}
{{include file="field_password.tpl" field=$password1}}
{{include file="field_password.tpl" field=$password2}}