X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=httemplate%2Fpref%2Fpref-process.html;h=75e57958f5be9888fda7a66c0873562bbbb721d1;hp=242e12294efafd3120427df3e73421cf7e2a2d5e;hb=611a7c3b4b717a595a530402d15c1960ba3424bd;hpb=9d35792778885932c09102bd011b518eb47c5131 diff --git a/httemplate/pref/pref-process.html b/httemplate/pref/pref-process.html index 242e12294..75e57958f 100644 --- a/httemplate/pref/pref-process.html +++ b/httemplate/pref/pref-process.html @@ -2,43 +2,43 @@ % $cgi->param('error', $error); <% $cgi->redirect(popurl(1). "pref.html?". $cgi->query_string ) %> % } else { -<% include('/elements/header.html', 'Preferences updated') %> +<% include('/elements/header.html', mt('Preferences updated')) %> <% include('/elements/footer.html') %> % } <%init> +my $access_user = $FS::CurrentUser::CurrentUser; + if ( FS::Conf->new->exists('disable_acl_changes') ) { errorpage("Preference changes disabled in public demo"); die "shouldn't be reached"; } my $error = ''; -my $access_user = ''; -if ( grep { $cgi->param($_) !~ /^\s*$/ } - qw(_password new_password new_password2) +if ( FS::Auth->auth_class->can('change_password') + && grep { $cgi->param($_) !~ /^\s*$/ } + qw(_password new_password new_password2) ) { - $access_user = qsearchs( 'access_user', { - 'usernum' => $FS::CurrentUser::CurrentUser->usernum, - 'username' => $FS::CurrentUser::CurrentUser->username, - '_password' => scalar($cgi->param('_password')), - } ); + my $oldpass = $cgi->param('_password'); + my $newpass = $cgi->param('new_password'); - $error = 'Current password incorrect; password not changed' - unless $access_user; + if ( $newpass ne $cgi->param('new_password2') ) { + $error = mt("New passwords don't match"); - $error ||= "New passwords don't match" - unless $cgi->param('new_password') eq $cgi->param('new_password2'); + } elsif ( ! length($newpass) ) { + $error = mt('No new password entered'); - $error ||= "No new password entered" - unless length($cgi->param('new_password')); + } elsif ( ! FS::Auth->authenticate( $access_user, $oldpass ) ) { + $error = mt('Current password incorrect; password not changed'); - $access_user->_password($cgi->param('new_password')) unless $error; + } else { -} else { + $error = $access_user->is_password_allowed($newpass) + || $access_user->change_password($newpass); - $access_user = $FS::CurrentUser::CurrentUser; + } } @@ -52,8 +52,10 @@ unless ( $error ) { # if ($access_user) { my @paramlist = qw( locale menu_position default_customer_view history_order spreadsheet_format mobile_menu - enable_fuzzy_on_exact disable_html_editor disable_enter_submit_onetimecharge + enable_mask_clipboard_hack dashboard_customers + customer_view_emails + printtofit email_address snom-ip snom-username snom-password vonage-fromnumber vonage-username vonage-password @@ -65,7 +67,7 @@ unless ( $error ) { # if ($access_user) { foreach (@paramlist) { scalar($cgi->param($_)) =~ /^[,.\-\@\w]*$/ && next; - $error ||= "Illegal value for parameter $_"; + $error ||= mt("Illegal value for parameter")." $_"; last; } @@ -83,7 +85,7 @@ if ( !$error and ($FS::TicketSystem::system || '') eq 'RT_Internal' ) { FS::TicketSystem->init; my $UserObj = FS::TicketSystem->session('')->{'CurrentUser'}->UserObj; # Bypass RT ModifySelf ACL - $UserObj->CurrentUser( RT::SystemUser ); + $UserObj->CurrentUser( $RT::SystemUser ); if ( $UserObj->Lang ne $locale ) { my ($val, $msg) = $UserObj->SetLang($locale); $error = $msg if !$val;