X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=httemplate%2Fpref%2Fpref-process.html;h=1b18d2ec8b850ccea0d6df23a2df22626483693f;hp=962ee51b611437188582c12589e9e40cdb1cc9d1;hb=11bbf29de447fe39e9d7155fe280a0df70fa8c3c;hpb=63973c641c4be00765fa27e55c57cc5b9aa4da19 diff --git a/httemplate/pref/pref-process.html b/httemplate/pref/pref-process.html index 962ee51b6..1b18d2ec8 100644 --- a/httemplate/pref/pref-process.html +++ b/httemplate/pref/pref-process.html @@ -1,12 +1,20 @@ % if ( $error ) { % $cgi->param('error', $error); -<% $cgi->redirect(popurl(1). "pref.html?". $cgi->query_string ) %> + <% $cgi->redirect(popurl(1). "pref.html?". $cgi->query_string ) %> % } else { -<% include('/elements/header.html', 'Preferences updated') %> -<% include('/elements/footer.html') %> + <% $cgi->redirect( -uri => popurl(1). "pref.html", + -cookie => CGI::Cookie->new( + -name => 'freeside_status', + -value => mt('Preferences updated'), + -expires => '+5m', + ), + ) + %> % } <%init> +my $access_user = $FS::CurrentUser::CurrentUser; + if ( FS::Conf->new->exists('disable_acl_changes') ) { errorpage("Preference changes disabled in public demo"); die "shouldn't be reached"; @@ -19,29 +27,27 @@ if ( FS::Auth->auth_class->can('change_password') qw(_password new_password new_password2) ) { - if ( $cgi->param('new_password') ne $cgi->param('new_password2') ) { - $error = "New passwords don't match"; + my $oldpass = $cgi->param('_password'); + my $newpass = $cgi->param('new_password'); + + if ( $newpass ne $cgi->param('new_password2') ) { + $error = mt("New passwords don't match"); - } elsif ( ! length($cgi->param('new_password')) ) { - $error = 'No new password entered'; + } elsif ( ! length($newpass) ) { + $error = mt('No new password entered'); - } elsif ( ! FS::Auth->authenticate( $FS::CurrentUser::CurrentUser, - scalar($cgi->param('_password')) ) - ) { - $error = 'Current password incorrect; password not changed'; + } elsif ( ! FS::Auth->authenticate( $access_user, $oldpass ) ) { + $error = mt('Current password incorrect; password not changed'); } else { - $error = $FS::CurrentUser::CurrentUser->change_password( - scalar($cgi->param('new_password')) - ); + $error = $access_user->is_password_allowed($newpass) + || $access_user->change_password($newpass); } } -my $access_user = $FS::CurrentUser::CurrentUser; - #well, if you got your password change wrong, you don't get anything else #changed right now. but it should be sticky on the form unless ( $error ) { # if ($access_user) { @@ -52,8 +58,10 @@ unless ( $error ) { # if ($access_user) { my @paramlist = qw( locale menu_position default_customer_view history_order spreadsheet_format mobile_menu - enable_fuzzy_on_exact disable_html_editor disable_enter_submit_onetimecharge + enable_mask_clipboard_hack dashboard_customers + customer_view_emails + printtofit email_address snom-ip snom-username snom-password vonage-fromnumber vonage-username vonage-password @@ -65,7 +73,7 @@ unless ( $error ) { # if ($access_user) { foreach (@paramlist) { scalar($cgi->param($_)) =~ /^[,.\-\@\w]*$/ && next; - $error ||= "Illegal value for parameter $_"; + $error ||= mt("Illegal value for parameter")." $_"; last; } @@ -83,7 +91,7 @@ if ( !$error and ($FS::TicketSystem::system || '') eq 'RT_Internal' ) { FS::TicketSystem->init; my $UserObj = FS::TicketSystem->session('')->{'CurrentUser'}->UserObj; # Bypass RT ModifySelf ACL - $UserObj->CurrentUser( RT::SystemUser ); + $UserObj->CurrentUser( $RT::SystemUser ); if ( $UserObj->Lang ne $locale ) { my ($val, $msg) = $UserObj->SetLang($locale); $error = $msg if !$val;