aboutsummaryrefslogtreecommitdiffstats
path: root/mod/settings.php
diff options
context:
space:
mode:
Diffstat (limited to 'mod/settings.php')
-rw-r--r--mod/settings.php74
1 files changed, 42 insertions, 32 deletions
diff --git a/mod/settings.php b/mod/settings.php
index ea9c73435..a6655f46a 100644
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -225,10 +225,44 @@ function settings_post(&$a) {
$errs = array();
+ $email = ((x($_POST,'email')) ? trim(notags($_POST['email'])) : '');
+ $account = $a->get_account();
+ if($email != $account['account_email']) {
+ if(! valid_email($email))
+ $errs[] = t('Not valid email.');
+ $adm = trim(get_config('system','admin_email'));
+ if(($adm) && (strcasecmp($email,$adm) == 0)) {
+ $errs[] = t('Protected email address. Cannot change to that email.');
+ $email = $a->user['email'];
+ }
+ if(! $errs) {
+ $r = q("update account set account_email = '%s' where account_id = %d",
+ dbesc($email),
+ intval($account['account_id'])
+ );
+ if(! $r)
+ $errs[] = t('System failure storing new email. Please try again.');
+ }
+ }
+
+ if($errs) {
+ foreach($errs as $err)
+ notice($err . EOL);
+ $errs = array();
+ }
+
+
if((x($_POST,'npassword')) || (x($_POST,'confirm'))) {
- $newpass = $_POST['npassword'];
- $confirm = $_POST['confirm'];
+ $origpass = trim($_POST['origpass']);
+
+ require_once('include/auth.php');
+ if(! account_verify_password($email,$origpass)) {
+ $errs[] = t('Password verification failed.');
+ }
+
+ $newpass = trim($_POST['npassword']);
+ $confirm = trim($_POST['confirm']);
if($newpass != $confirm ) {
$errs[] = t('Passwords do not match. Password unchanged.');
@@ -255,31 +289,6 @@ function settings_post(&$a) {
}
}
- if($errs) {
- foreach($errs as $err)
- notice($err . EOL);
- $errs = array();
- }
-
- $email = ((x($_POST,'email')) ? trim(notags($_POST['email'])) : '');
- $account = $a->get_account();
- if($email != $account['account_email']) {
- if(! valid_email($email))
- $errs[] = t('Not valid email.');
- $adm = trim(get_config('system','admin_email'));
- if(($adm) && (strcasecmp($email,$adm) == 0)) {
- $errs[] = t('Protected email address. Cannot change to that email.');
- $email = $a->user['email'];
- }
- if(! $errs) {
- $r = q("update account set account_email = '%s' where account_id = %d",
- dbesc($email),
- intval($account['account_id'])
- );
- if(! $r)
- $errs[] = t('System failure storing new email. Please try again.');
- }
- }
if($errs) {
foreach($errs as $err)
@@ -314,7 +323,7 @@ function settings_post(&$a) {
foreach($global_perms as $k => $v) {
$set_perms .= ', ' . $v[0] . ' = ' . intval($_POST[$k]) . ' ';
}
- $acl = new AccessList($channel);
+ $acl = new Zotlabs\Access\AccessList($channel);
$acl->set_from_array($_POST);
$x = $acl->get();
@@ -695,8 +704,9 @@ function settings_content(&$a) {
$o .= replace_macros($tpl, array(
'$form_security_token' => get_form_security_token("settings_account"),
'$title' => t('Account Settings'),
- '$password1'=> array('npassword', t('Enter New Password:'), '', ''),
- '$password2'=> array('confirm', t('Confirm New Password:'), '', t('Leave password fields blank unless changing')),
+ '$origpass' => array('origpass', t('Current Password'), ' ',''),
+ '$password1'=> array('npassword', t('Enter New Password'), '', ''),
+ '$password2'=> array('confirm', t('Confirm New Password'), '', t('Leave password fields blank unless changing')),
'$submit' => t('Submit'),
'$email' => array('email', t('Email Address:'), $email, ''),
'$removeme' => t('Remove Account'),
@@ -992,7 +1002,7 @@ function settings_content(&$a) {
$stpl = get_markup_template('settings.tpl');
- $acl = new AccessList($channel);
+ $acl = new Zotlabs\Access\AccessList($channel);
$perm_defaults = $acl->get();
require_once('include/group.php');
@@ -1044,7 +1054,7 @@ function settings_content(&$a) {
'$h_prv' => t('Security and Privacy Settings'),
'$permissions_set' => $permissions_set,
- '$server_role' => get_server_role(),
+ '$server_role' => Zotlabs\Project\System::get_server_role(),
'$perms_set_msg' => t('Your permissions are already configured. Click to view/adjust'),
'$hide_presence' => array('hide_presence', t('Hide my online presence'),$hide_presence, t('Prevents displaying in your profile that you are online'), $yes_no),