From 2eb4d8762101df4e5dc6feddcfd479727853763b Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 4 Jan 2023 20:14:11 +0000 Subject: fix issue #1717 --- Zotlabs/Module/Settings/Account.php | 57 +++++++++++++++++++------------------ 1 file changed, 29 insertions(+), 28 deletions(-) (limited to 'Zotlabs/Module') diff --git a/Zotlabs/Module/Settings/Account.php b/Zotlabs/Module/Settings/Account.php index 97cc9389a..5e1fb176e 100644 --- a/Zotlabs/Module/Settings/Account.php +++ b/Zotlabs/Module/Settings/Account.php @@ -6,11 +6,11 @@ class Account { function post() { check_form_security_token_redirectOnErr('/settings/account', 'settings_account'); - + call_hooks('account_settings_post', $_POST); - + $errs = array(); - + $email = ((x($_POST,'email')) ? trim(notags($_POST['email'])) : ''); $account = \App::get_account(); @@ -34,38 +34,38 @@ class Account { } } } - + if($errs) { foreach($errs as $err) notice($err . EOL); $errs = array(); } - - + + if((x($_POST,'npassword')) || (x($_POST,'confirm'))) { - + $origpass = trim($_POST['origpass']); - + require_once('include/auth.php'); if(! account_verify_password($email,$origpass)) { $errs[] = t('Password verification failed.'); } - + $newpass = trim($_POST['npassword']); $confirm = trim($_POST['confirm']); - + if($newpass != $confirm ) { $errs[] = t('Passwords do not match. Password unchanged.'); } - + if((! x($newpass)) || (! x($confirm))) { $errs[] = t('Empty passwords are not allowed. Password unchanged.'); } - + if(! $errs) { $salt = random_string(32); $password_encoded = hash('whirlpool', $salt . $newpass); - $r = q("update account set account_salt = '%s', account_password = '%s', account_password_changed = '%s' + $r = q("update account set account_salt = '%s', account_password = '%s', account_password_changed = '%s' where account_id = %d", dbesc($salt), dbesc($password_encoded), 
@@ -78,36 +78,37 @@ class Account { $errs[] = t('Password update failed. Please try again.'); } } - - + + if($errs) { foreach($errs as $err) notice($err . EOL); } goaway(z_root() . '/settings/account' ); } - - + + function get() { $account_settings = ""; - + call_hooks('account_settings', $account_settings); - + $email = \App::$account['account_email']; - $attremail = (!strpos($email, '@')) ? 'disabled="disabled"' : ''; + $attremail = ((!strpos($email, '@')) ? 'disabled="disabled"' : ''); $tpl = get_markup_template("settings_account.tpl"); $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("settings_account"), - '$title' => t('Account Settings'), - '$origpass' => array('origpass', t('Current Password'), ' ',''), - '$password1'=> array('npassword', t('Enter New Password'), '', ''), - '$password2'=> array('confirm', t('Confirm New Password'), '', t('Leave password fields blank unless changing')), - '$submit' => t('Submit'), - '$email' => array('email', t('DId2 or Email Address:'), $email, '', '', $attremail), - '$removeme' => t('Remove Account'), - '$removeaccount' => t('Remove this account including all its channels'), + '$title' => t('Account Settings'), + '$origpass' => array('origpass', t('Current Password'), ' ',''), + '$password1' => array('npassword', t('Enter New Password'), '', ''), + '$password2' => array('confirm', t('Confirm New Password'), '', t('Leave password fields blank unless changing')), + '$submit' => t('Submit'), + '$email' => array('email', t('DId2 or Email Address:'), $email, '', '', $attremail), + '$email_hidden' => (($attremail) ? $email : ''), + '$removeme' => t('Remove Account'), + '$removeaccount' => t('Remove this account including all its channels'), '$account_settings' => $account_settings )); return $o; -- cgit v1.2.3
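Review bot: The new `'$email_hidden' => (($attremail) ? $email : '')` entry in get() round-trips the account identifier through the client in exactly the case where the visible field is rendered `disabled`, so the read-only state is enforced only by the browser. post() (shown in the first hunk's context, with part of its body outside the visible hunks) reads `$_POST['email']` and passes it to `account_verify_password($email,$origpass)`; unless the elided lines already handle this, it should ignore the submitted value for such accounts and use the server-side one, e.g. `if(strpos($account['account_email'], '@') === false) $email = $account['account_email'];`. Separately, `!strpos($email, '@')` is also true when `@` sits at offset 0, so `strpos($email, '@') === false` states the intent more precisely, and `$o .= replace_macros(...)` appends to a variable this function never initialises (add `$o = '';` before it). Whether settings_account.tpl escapes the hidden value inside its attribute is not visible in this diff and is worth confirming.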