Commit 972f3b4f authored by Nigel McNie's avatar Nigel McNie Committed by Nigel McNie

Allowed the user to change their password via their account screen.

parent 53650e84
......@@ -34,82 +34,160 @@ require_once('form.php');
// load up user preferences
$prefs = (object)($SESSION->get('accountprefs'));
$authtype = auth_get_authtype_for_institution($USER->institution);
$authclass = 'Auth' . ucfirst($authtype);
safe_require('auth', $authtype);
// @todo auth preference for a password change screen for all auth methods other than internal
if (method_exists($authclass, 'change_password')) {
$elements = array(
'changepassworddesc' => array(
'value' => '<tr><td colspan="2"><p>' . get_string('changepassworddesc', 'account') . '</p></td></tr>'
),
'oldpassword' => array( 'type' => 'password',
'title' => get_string('oldpassword'),
),
'password1' => array(
'type' => 'password',
'title' => get_string('newpassword'),
),
'password2' => array(
'type' => 'password',
'title' => get_string('confirmpassword')
),
);
}
else if ($url = get_config_plugin('auth', $authtype, 'changepasswordurl')) {
$elements = array(
'changepasswordotherinterface' => array(
'value' => '<tr><td colspan="2"><p>' . get_string('changepasswordotherinterface', 'account', $url) . '</p></td></tr>'
)
);
}
else {
$elements = array();
}
$elements['accountoptionsdesc'] = array(
'value' => '<tr><td colspan="2"><p>You can set general account options here</p></td></tr>'
);
$elements['friendscontrol'] = array(
'type' => 'radio',
'defaultvalue' => $prefs->friendscontrol,
'title' => get_string('friendsdescr', 'account'),
'separator' => HTML_BR,
'options' => array(
'nobody' => get_string('friendsnobody', 'account'),
'auth' => get_string('friendsauth', 'account'),
'auto' => get_string('friendsauto', 'account')
),
'rules' => array(
'required' => true
),
'help' => true
);
$elements['wysiwyg'] = array(
'type' => 'radio',
'defaultvalue' => $prefs->wysiwyg,
'title' => get_string('wysiwygdescr', 'account'),
'options' => array(
1 => get_string('on', 'account'),
0 => get_string('off', 'account'),
),
'rules' => array(
'required' => true
)
);
$elements['messages'] = array(
'type' => 'radio',
'defaultvalue' => $prefs->messages,
'title' => get_string('messagesdescr', 'account'),
'separator' => HTML_BR,
'options' => array(
'nobody' => get_string('messagesnobody', 'account'),
'friends' => get_string('messagesfriends', 'account'),
'allow' => get_string('messagesallow', 'account'),
),
'rules' => array(
'required' => true
)
);
$elements['lang'] = array(
'type' => 'select',
'defaultvalue' => $prefs->lang,
'title' => get_string('language', 'account'),
'options' => get_languages(),
'rules' => array(
'required' => true
)
);
$elements['submit'] = array(
'type' => 'submit',
'value' => get_string('save')
);
$prefsform = array(
'name' => 'accountprefs',
'method' => 'post',
'ajaxpost' => true,
'plugintype' => 'core',
'pluginname' => 'account',
'elements' => array(
'friendscontrol' => array(
'type' => 'radio',
'defaultvalue' => $prefs->friendscontrol,
'title' => get_string('friendsdescr', 'account'),
'separator' => HTML_BR,
'options' => array(
'nobody' => get_string('friendsnobody', 'account'),
'auth' => get_string('friendsauth', 'account'),
'auto' => get_string('friendsauto', 'account')
),
'rules' => array(
'required' => true
),
'help' => true
),
'wysiwyg' => array(
'type' => 'radio',
'defaultvalue' => $prefs->wysiwyg,
'title' => get_string('wysiwygdescr', 'account'),
'options' => array(
1 => get_string('on', 'account'),
0 => get_string('off', 'account'),
),
'rules' => array(
'required' => true
)
),
'messages' => array(
'type' => 'radio',
'defaultvalue' => $prefs->messages,
'title' => get_string('messagesdescr', 'account'),
'separator' => HTML_BR,
'options' => array(
'nobody' => get_string('messagesnobody', 'account'),
'friends' => get_string('messagesfriends', 'account'),
'allow' => get_string('messagesallow', 'account'),
),
'rules' => array(
'required' => true
)
),
'lang' => array(
'type' => 'select',
'defaultvalue' => $prefs->lang,
'title' => get_string('language', 'account'),
'options' => get_languages(),
'rules' => array(
'required' => true
)
),
'submit' => array(
'type' => 'submit',
'value' => get_string('save'),
),
),
'ajaxsuccessfunction' => 'clearPasswords',
'elements' => $elements
);
$smarty = smarty();
$smarty->assign('form', form($prefsform));
$smarty->assign('INLINEJAVASCRIPT', "
function clearPasswords() {
$('oldpassword').value = '';
$('password1').value = '';
$('password2').value = '';
}");
$smarty->display('account/index.tpl');
function accountprefs_validate(Form $form, $values) {
if ($values['oldpassword'] !== '') {
global $SESSION, $authtype, $authclass;
if (!call_static_method($authclass, 'authenticate_user_account', $SESSION->get('username'), $values['oldpassword'], $SESSION->get('institution'))) {
$form->set_error('oldpassword', get_string('oldpasswordincorrect', 'account'));
return;
}
$user = new StdClass;
$user->username = $SESSION->get('username');
$user->institution = $SESSION->get('institution');
password_validate($form, $values, $user);
}
else if ($values['password1'] !== '' || $values['password2'] !== '') {
$form->set_error('oldpassword', get_string('mustspecifyoldpassword'));
}
}
function accountprefs_submit($values) {
global $SESSION;
db_begin();
if ($values['password1'] !== '') {
global $authclass;
$password = call_static_method($authclass, 'change_password', $SESSION->get('username'), $values['password1']);
$user = new StdClass;
$user->password = $password;
$user->passwordchange = 0;
$where = new StdClass;
$where->username = $SESSION->get('username');
update_record('usr', $user, $where);
$SESSION->set('password', $password);
$SESSION->set('passwordchange', 0);
}
// use this as looping through values is not safe.
$expectedprefs = expected_account_preferences();
foreach (array_keys($expectedprefs) as $pref) {
$SESSION->set_account_preference($pref, $values[$pref]);
}
db_commit();
json_reply(false, get_string('prefssaved', 'account'));
exit;
}
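Review bot: In accountprefs_submit the password update is keyed on username alone (`$where->username = $SESSION->get('username');` followed by `update_record('usr', $user, $where);`), whereas accountprefs_validate checks the old password against both username and institution. If usernames are unique only within an institution, which this hunk does not show, the returned password value would be written to every row sharing that username, so the where object should also carry `$where->institution = $SESSION->get('institution');`. Separately, both callbacks read `$values['oldpassword']` and `$values['password1']` unconditionally, but those elements are only added to the form when the auth class has `change_password`. Unless the form library fills absent keys with `''`, the `!== ''` tests pass on an unset value and users of other auth types would get an old-password error when saving preferences, so an `isset($values['oldpassword'])` guard in both functions is worth adding.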