From 80bfc5e1b11694553ddaa48e3b181462cfadc9dd Mon Sep 17 00:00:00 2001
From: Jonathan Prykop <jonathan@freeside.biz>
Date: Sat, 17 Dec 2016 19:53:23 -0600
Subject: [PATCH] 73443: Selfservice NG Password reset page

---
 FS/FS/ClientAPI_XMLRPC.pm                          |   1 +
 .../elements/add_password_validation.php           |  51 ++++++++++++
 ng_selfservice/images/error.png                    | Bin 0 -> 666 bytes
 ng_selfservice/images/tick.png                     | Bin 0 -> 537 bytes
 ng_selfservice/password.php                        |  89 ++++++++++++++++++++-
 ng_selfservice/xmlrpc_validate_passwd.php          |  15 ++++
 6 files changed, 155 insertions(+), 1 deletion(-)
 create mode 100644 ng_selfservice/elements/add_password_validation.php
 create mode 100644 ng_selfservice/images/error.png
 create mode 100644 ng_selfservice/images/tick.png
 create mode 100644 ng_selfservice/xmlrpc_validate_passwd.php
diff --git a/FS/FS/ClientAPI_XMLRPC.pm b/FS/FS/ClientAPI_XMLRPC.pm
index 3167aa0e3..e69a06e32 100644
--- a/FS/FS/ClientAPI_XMLRPC.pm
+++ b/FS/FS/ClientAPI_XMLRPC.pm
@@ -181,6 +181,7 @@ sub ss2clientapi {
   'reset_passwd'              => 'MyAccount/reset_passwd',
   'check_reset_passwd'        => 'MyAccount/check_reset_passwd',
   'process_reset_passwd'      => 'MyAccount/process_reset_passwd',
+  'validate_passwd'           => 'MyAccount/validate_passwd',
   'list_tickets'              => 'MyAccount/list_tickets',
   'create_ticket'             => 'MyAccount/create_ticket',
   'get_ticket'                => 'MyAccount/get_ticket',
diff --git a/ng_selfservice/elements/add_password_validation.php b/ng_selfservice/elements/add_password_validation.php
new file mode 100644
index 000000000..6938437eb
--- /dev/null
+++ b/ng_selfservice/elements/add_password_validation.php
@@ -0,0 +1,51 @@
+<SCRIPT>
+function add_password_validation (fieldid,nologin) {
+  var inputfield = document.getElementById(fieldid);
+  inputfield.onchange = function () {
+    var fieldid = this.id+'_result';
+    var resultfield = document.getElementById(fieldid);
+    var svcnum = '';
+    var svcfield = document.getElementById(this.id+'_svcnum');
+    if (svcfield) {
+      svcnum = svcfield.options[svcfield.selectedIndex].value;
+    }
+    if (this.value) {
+      resultfield.innerHTML = '<SPAN STYLE="color: blue;">Validating password...</SPAN>';
+      var validate_data = {
+        fieldid: fieldid,
+        check_password: this.value,
+      };
+      if (!nologin) {
+        validate_data['svcnum'] = svcnum;
+      }
+      $.ajax({
+        url: 'xmlrpc_validate_passwd.php',
+        data: validate_data,
+        method: 'POST',
+        success: function ( result ) {
+          result = JSON.parse(result);
+          var resultfield = document.getElementById(fieldid);
+          if (resultfield) {
+            var errorimg = '<IMG SRC="images/error.png" style="width: 1em; display: inline-block; padding-right: .5em">';
+            var validimg = '<IMG SRC="images/tick.png" style="width: 1em; display: inline-block; padding-right: .5em">';
+            if (result.password_valid) {
+              resultfield.innerHTML = validimg+'<SPAN STYLE="color: green;">Password valid!</SPAN>';
+            } else if (result.password_invalid) {
+              resultfield.innerHTML = errorimg+'<SPAN STYLE="color: red;">'+result.password_invalid+'</SPAN>';
+            } else {
+              resultfield.innerHTML = '';
+            }
+          }
+        },
+        error: function (  jqXHR, textStatus, errorThrown ) {
+          var resultfield = document.getElementById(fieldid);
+          console.log('ajax error: '+textStatus+'+'+errorThrown);
+          if (resultfield) {
+            resultfield.innerHTML = '';
+          }
+        },
+      });
+    }
+  };
+}
+</SCRIPT>
diff --git a/ng_selfservice/images/error.png b/ng_selfservice/images/error.png
new file mode 100644
index 0000000000000000000000000000000000000000..628cf2dae3d419ae220c8928ac71393b480745a3
GIT binary patch
literal 666
zcmV;L0%iS)P)<h;3K|Lk000e1NJLTq000mG000mO1^@s6AM^iV00004XF*Lt006JZ
zHwB960000PbVXQnQ*UN;cVTj606}DLVr3vnZDD6+Qe|Oed2z{QJOBU!EJ;K`R5;6}
zQ%gvc0TBNFhpVpZYs*vuLt9diOv=bL4R1XR>eOSYYtbpBV}~vsBnU!_?2tr-P=|^T
zED<b;h)xArC`LwRuDi0BivEw8uY($aYXuI>%wc9ezHgW@NMb!^uT_|SvCpFLJylbx
zY%bpaTGI8IYXMN$9w<3j9VkA~NYOKEQXsj?6a9_hcwfU$acAhJhB)zb_w@MVUEy@S
zX&I>K-R!bhu3?(6bHWIg$HEl7{9g>>&l_qdd+UYb(1~BCo9LptNq&8>!yoJ3Ui(i5
zRJ|XnYBklL!{@$-7=3mJ>P@1c=7Oc79e-V7yf+%lD2!I;Y&nXBZ>=B!5?CB>LvEx6
znI%n)qqi$#X#wKB(U7XP2P=+4{b@j#r%9-K(8UqtSDk>0UKzf*HM9yqMZ1D!$2MdZ
zR=`U>0zhOH1XqN?nY@AQqB7)Fp4{v&dKXvb43hZKvnN8;Po;+jY*}~*Z|W9Q0W%{D
z^T}Cc<|r(Su=1K=<sQLMN1ZE<U%m5Ea@1Tp8to2kJ7-hpAhT}(Dgffk;4r2>P5>Z4
zg`et&Va}tdzBS-G-ZcO)zCWpJvGQwrHZ`@wpM420ac@bI5~KkTFfGEM3sPWO8<ADs
zh7X-F%!~{kwpFCFAaZKyF+vTnL(ye%#)|yqz~B3T5kTqQvq%jMT(v1Wka%_eG)1AJ
z_%n+q5XXb>co4^fI6lPnA)Y{ef%@{+SnoUk0+dW+*{8WvF8}}l07*qoM6N<$g7cXs
A&j0`b

literal 0
HcmV?d00001

diff --git a/ng_selfservice/images/tick.png b/ng_selfservice/images/tick.png
new file mode 100644
index 0000000000000000000000000000000000000000..a9925a06ab02db30c1e7ead9c701c15bc63145cb
GIT binary patch
literal 537
zcmV+!0_OdRP)<h;3K|Lk000e1NJLTq000mG000mO1^@s6AM^iV00004XF*Lt006JZ
zHwB960000PbVXQnQ*UN;cVTj606}DLVr3vnZDD6+Qe|Oed2z{QJOBUzt4TybR5;7M
zli4mqVHAaX=Q!_TZq*o5LaK&TC+g@aMJbINs;8}1t3yf*$E6r*j>Hs{AQG2a)rMyf
zFQK~pm1x3+7!nu%-M`k}``c>^00{o_1pjWJUTfl8mg=3qGEl8H@}^@w`VUx0_$uy4
z2FhRqKX}xI*?Tv<H&*Dj)Tr<j*}f%KtVns|p$^k=7pCG)bZ)nz(p!uYhmcBtGG4MZ
zhBKz;vsk_?<x?$B#+(Sm9B-A&-Qq;?SOJwD!Fa)z^`0_M+_eepu5##IOknYS`&tC<
z#^ArRgWXi2%vG2uvgcE2i2di<+TKw6qc6;1IyMf?mMlSF4apWIQ-(bTzNj7ETMiu?
z3Y3nE5@K5(^<j-YCz?$CVH?a>1DJd8z#F#0c%*~rM30HE1@2o5m~}ZyoWhqv>ql{V
z1ZGE0lgcoK^lx+eqc*rAX1Ky;Xx3U%u#zG!m-;eD1Qsn@kf3|F9qz~|95=&g3(7!X
zB}JAT>RU;a%vaNOGnJ%e1=K6eAh43c(QN8RQ6~GP%O}Jju$~Ld*%`mO1p<rCAIZx2
bmuq|lzM`o-QVIh|00000NkvXXu0mjfO@{7Q

literal 0
HcmV?d00001

diff --git a/ng_selfservice/password.php b/ng_selfservice/password.php
index 41296ed2d..a6e67951a 100644
--- a/ng_selfservice/password.php
+++ b/ng_selfservice/password.php
@@ -1,5 +1,92 @@
 <? $title ='Change Password'; include('elements/header.php'); ?>
 <? $current_menu = 'password.php'; include('elements/menu.php'); ?>
-Chagne password
+<?
+$error = '';
+$pwd_change_success = false;
+if ( isset($_POST['svcnum']) ) {
+
+  $pwd_change_result = $freeside->myaccount_passwd(array(
+    'session_id'    => $_COOKIE['session_id'],
+    'svcnum'        => $_POST['svcnum'],
+    'new_password'  => $_POST['new_password'],
+    'new_password2' => $_POST['new_password2'],
+  ));
+
+  if ($pwd_change_result['error']) {
+    $error = $pwd_change_result['error'];
+  } else {
+    $pwd_change_success = true;
+  }
+}
+
+if ($pwd_change_success) {
+?>
+
+<P>Password changed for <? echo $pwd_change_result['value'],' ',$pwd_change_result['label'] ?>.</P>
+
+<?
+} else {
+  $pwd_change_svcs = $freeside->list_svcs(array(
+    'session_id' => $_COOKIE['session_id'],
+    'svcdb'      => 'svc_acct',
+  ));
+  if (isset($pwd_change_svcs['error'])) {
+    $error = $error || $pwd_change_svcs['error'];
+  }
+  if (!isset($pwd_change_svcs['svcs'])) {
+    $pwd_change_svcs['svcs'] = $pwd_change_svcs['svcs'];
+    $error = $error || 'Unknown error loading services';
+  }
+  if ($error) {
+    include('elements/error.php');
+  }
+?>
+
+<FORM METHOD="POST">
+<TABLE BGCOLOR="#cccccc">
+  <TR>
+    <TH ALIGN="right">Change password for account: </TH>
+    <TD>
+      <SELECT ID="new_password_svcnum" NAME="svcnum">
+<?
+  $selected_svcnum = isset($_POST['svcnum']) ? $_POST['svcnum'] : $pwd_change_svcs['svcnum'];
+  foreach ($pwd_change_svcs['svcs'] as $svc) {
+?>
+        <OPTION VALUE="<? echo $svc['svcnum'] ?>"<? echo $selected_svcnum == $svc['svcnum'] ? ' SELECTED' : '' ?>>
+          <? echo $svc['label'],': ',$svc['value'] ?>
+        </OPTION>
+<?
+  }
+?>
+      </SELECT>
+    </TD>
+  </TR>
+
+  <TR>
+    <TH ALIGN="right">New password: </TH>
+    <TD>
+      <INPUT ID="new_password" TYPE="password" NAME="new_password" SIZE="18">
+      <DIV ID="new_password_result"></DIV>
+<? include('elements/add_password_validation.php'); ?>
+      <SCRIPT>add_password_validation('new_password');</SCRIPT>
+    </TD>
+  </TR>
+
+  <TR>
+    <TH ALIGN="right">Re-enter new password: </TH>
+    <TD><INPUT TYPE="password" NAME="new_password2" SIZE="18"></TD>
+  </TR>
+
+</TABLE>
+<BR>
+
+<INPUT TYPE="submit" VALUE="Change password">
+
+</FORM>
+
+<?
+} // end if $pwd_change_show_form
+?>
+
 <? include('elements/menu_footer.php'); ?>
 <? include('elements/footer.php'); ?>
diff --git a/ng_selfservice/xmlrpc_validate_passwd.php b/ng_selfservice/xmlrpc_validate_passwd.php
new file mode 100644
index 000000000..5632dc3f1
--- /dev/null
+++ b/ng_selfservice/xmlrpc_validate_passwd.php
@@ -0,0 +1,15 @@
+<?
+
+require_once('elements/session.php');
+
+$xmlrpc_args = array(
+  fieldid        => $_POST['fieldid'],
+  check_password => $_POST['check_password'],
+  svcnum         => $_POST['svcnum'],
+  session_id     => $_COOKIE['session_id']
+);
+
+$result = $freeside->validate_passwd($xmlrpc_args);
+echo json_encode($result);
+
+?>
-- 
2.11.0


Change password for account:	+ +
New password:	+ + + + +
Re-enter new password: