diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2013-05-09 01:42:39 -0700 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2013-05-09 01:42:39 -0700 |
| commit | 120718856665ca90ad852535d1155f8ea8ecb6b6 (patch) | |
| tree | 2ac0472c1fd67ecc843619597f1cca7d8f774204 /httemplate/pref | |
| parent | d8843f184a7f6ee87eec99724f2d6430c1df34ea (diff) | |
NG auth: pw changes, RT#21563
Diffstat (limited to 'httemplate/pref')
| -rw-r--r-- | httemplate/pref/pref-process.html | 36 | ||||
| -rw-r--r-- | httemplate/pref/pref.html | 34 |
2 files changed, 36 insertions, 34 deletions
diff --git a/httemplate/pref/pref-process.html b/httemplate/pref/pref-process.html index 242e12294..962ee51b6 100644 --- a/httemplate/pref/pref-process.html +++ b/httemplate/pref/pref-process.html @@ -13,35 +13,35 @@ if ( FS::Conf->new->exists('disable_acl_changes') ) { } my $error = ''; -my $access_user = ''; -if ( grep { $cgi->param($_) !~ /^\s*$/ } - qw(_password new_password new_password2) +if ( FS::Auth->auth_class->can('change_password') + && grep { $cgi->param($_) !~ /^\s*$/ } + qw(_password new_password new_password2) ) { - $access_user = qsearchs( 'access_user', { - 'usernum' => $FS::CurrentUser::CurrentUser->usernum, - 'username' => $FS::CurrentUser::CurrentUser->username, - '_password' => scalar($cgi->param('_password')), - } ); + if ( $cgi->param('new_password') ne $cgi->param('new_password2') ) { + $error = "New passwords don't match"; - $error = 'Current password incorrect; password not changed' - unless $access_user; + } elsif ( ! length($cgi->param('new_password')) ) { + $error = 'No new password entered'; - $error ||= "New passwords don't match" - unless $cgi->param('new_password') eq $cgi->param('new_password2'); + } elsif ( ! FS::Auth->authenticate( $FS::CurrentUser::CurrentUser, + scalar($cgi->param('_password')) ) + ) { + $error = 'Current password incorrect; password not changed'; - $error ||= "No new password entered" - unless length($cgi->param('new_password')); + } else { - $access_user->_password($cgi->param('new_password')) unless $error; + $error = $FS::CurrentUser::CurrentUser->change_password( + scalar($cgi->param('new_password')) + ); -} else { - - $access_user = $FS::CurrentUser::CurrentUser; + } } +my $access_user = $FS::CurrentUser::CurrentUser; + #well, if you got your password change wrong, you don't get anything else #changed right now. but it should be sticky on the form unless ( $error ) { # if ($access_user) { diff --git a/httemplate/pref/pref.html b/httemplate/pref/pref.html index 9861c3f85..dc44db0b0 100644 --- a/httemplate/pref/pref.html +++ b/httemplate/pref/pref.html @@ -4,28 +4,30 @@ <% include('/elements/error.html') %> +% if ( FS::Auth->auth_class->can('change_password') ) { -<% mt('Change password (leave blank for no change)') |h %> -<% ntable("#cccccc",2) %> + <% mt('Change password (leave blank for no change)') |h %> + <% ntable("#cccccc",2) %> - <TR> - <TH ALIGN="right">Current password: </TH> - <TD><INPUT TYPE="password" NAME="_password"></TD> - </TR> + <TR> + <TH ALIGN="right">Current password: </TH> + <TD><INPUT TYPE="password" NAME="_password"></TD> + </TR> - <TR> - <TH ALIGN="right">New password: </TH> - <TD><INPUT TYPE="password" NAME="new_password"></TD> - </TR> + <TR> + <TH ALIGN="right">New password: </TH> + <TD><INPUT TYPE="password" NAME="new_password"></TD> + </TR> - <TR> - <TH ALIGN="right">Re-enter new password: </TH> - <TD><INPUT TYPE="password" NAME="new_password2"></TD> - </TR> + <TR> + <TH ALIGN="right">Re-enter new password: </TH> + <TD><INPUT TYPE="password" NAME="new_password2"></TD> + </TR> -</TABLE> -<BR> + </TABLE> + <BR> +% } Interface <% ntable("#cccccc",2) %> |