Change email seems to work, also for admin's :)
parent
2a1b8f9dd2
commit
f835f4a85f
6 changed files with 163 additions and 16 deletions
|
@ -156,7 +156,7 @@ class Users{
|
||||||
* @takes $email
|
* @takes $email
|
||||||
* @return
|
* @return
|
||||||
*/
|
*/
|
||||||
private function checkEmail( $email )
|
public function checkEmail( $email )
|
||||||
{
|
{
|
||||||
if ( isset( $email ) ){
|
if ( isset( $email ) ){
|
||||||
if ( !Users::validEmail( $email ) ){
|
if ( !Users::validEmail( $email ) ){
|
||||||
|
@ -381,7 +381,31 @@ class Users{
|
||||||
try {
|
try {
|
||||||
$dbl = new DBLayer($cfg['db']['lib']);
|
$dbl = new DBLayer($cfg['db']['lib']);
|
||||||
$dbl->execute("INSERT INTO ams_querycache (type, query) VALUES (:type, :query)",array("type" => "changepass",
|
$dbl->execute("INSERT INTO ams_querycache (type, query) VALUES (:type, :query)",array("type" => "changepass",
|
||||||
"query" => json_encode(array($values["name"],$values["pass"]))));
|
"query" => json_encode(array($values["user"],$values["pass"]))));
|
||||||
|
return "shardoffline";
|
||||||
|
}catch (PDOException $e) {
|
||||||
|
return "liboffline";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
protected function setAmsEmail($user, $mail){
|
||||||
|
|
||||||
|
global $cfg;
|
||||||
|
$values = Array('user' => $user, 'mail' => $mail);
|
||||||
|
|
||||||
|
try {
|
||||||
|
//make connection with and put into shard db
|
||||||
|
$dbs = new DBLayer($cfg['db']['shard']);
|
||||||
|
$dbs->execute("UPDATE user SET Email = :mail WHERE Login = :user ",$values);
|
||||||
|
return "ok";
|
||||||
|
}
|
||||||
|
catch (PDOException $e) {
|
||||||
|
//oh noooz, the shard is offline! Put in query queue at ams_lib db!
|
||||||
|
try {
|
||||||
|
$dbl = new DBLayer($cfg['db']['lib']);
|
||||||
|
$dbl->execute("INSERT INTO ams_querycache (type, query) VALUES (:type, :query)",array("type" => "changemail",
|
||||||
|
"query" => json_encode(array($values["user"],$values["mail"]))));
|
||||||
return "shardoffline";
|
return "shardoffline";
|
||||||
}catch (PDOException $e) {
|
}catch (PDOException $e) {
|
||||||
return "liboffline";
|
return "liboffline";
|
||||||
|
|
|
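Review bot: setAmsEmail() is added without the docblock that checkEmail() above it carries, and its return values are a contract the caller depends on. It returns "ok", "shardoffline" (the update is queued in ams_querycache) or "liboffline" (neither database accepted the write), yet the new change_mail() handler in this commit branches only on the first two, so a "liboffline" result renders the settings page with no success and no error message. I would add `/** @return string "ok" | "shardoffline" (queued in ams_querycache) | "liboffline" (nothing stored) */` above the function. Both catch blocks also discard `$e`; an `error_log($e->getMessage());` in each would leave a record of why the shard or lib write failed. The function's closing braces lie below the end of the hunk.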
@ -60,6 +60,16 @@ class WebUsers extends Users{
|
||||||
return $row['Login'];
|
return $row['Login'];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function getEmail($id){
|
||||||
|
global $cfg;
|
||||||
|
|
||||||
|
$dbw = new DBLayer($cfg['db']['web']);
|
||||||
|
$statement = $dbw->execute("SELECT * FROM ams_user WHERE UId=:id", array('id' => $id));
|
||||||
|
$row = $statement->fetch();
|
||||||
|
return $row['Email'];
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
public function isLoggedIn(){
|
public function isLoggedIn(){
|
||||||
if(isset($_SESSION['user'])){
|
if(isset($_SESSION['user'])){
|
||||||
return true;
|
return true;
|
||||||
|
@ -89,4 +99,19 @@ class WebUsers extends Users{
|
||||||
return $reply;
|
return $reply;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function setEmail($user, $mail){
|
||||||
|
global $cfg;
|
||||||
|
$reply = WebUsers::setAmsEmail($user, $mail);
|
||||||
|
$values = Array('user' => $user, 'mail' => $mail);
|
||||||
|
try {
|
||||||
|
//make connection with and put into shard db
|
||||||
|
$dbw = new DBLayer($cfg['db']['web']);
|
||||||
|
$dbw->execute("UPDATE ams_user SET Email = :mail WHERE Login = :user ",$values);
|
||||||
|
}
|
||||||
|
catch (PDOException $e) {
|
||||||
|
//ERROR: the web DB is offline
|
||||||
|
}
|
||||||
|
return $reply;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
|
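Review bot: setEmail() swallows the PDOException from the `UPDATE ams_user` statement and still returns the shard's `$reply`, so the page can show "The email has been changed!" while the web database kept the old address. The two stores should not diverge silently, since the web-side address is presumably what account notices and recovery rely on. Return a distinct status from the catch, e.g. `return "weboffline";`, log `$e->getMessage()`, and give change_mail() a branch for it. getEmail() also indexes `$row['Email']` without checking that `fetch()` returned a row, which matters because settings() passes it an id taken from the request.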
@ -0,0 +1,80 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
function change_mail(){
|
||||||
|
|
||||||
|
try{
|
||||||
|
//if logged in
|
||||||
|
if(WebUsers::isLoggedIn()){
|
||||||
|
|
||||||
|
if(isset($_POST['target_id'])){
|
||||||
|
|
||||||
|
|
||||||
|
if( ($_POST['target_id'] == $_SESSION['id']) || WebUsers::isAdmin() ){
|
||||||
|
if($_POST['target_id'] == $_SESSION['id']){
|
||||||
|
$target_username = $_SESSION['user'];
|
||||||
|
}else{
|
||||||
|
$target_username = WebUsers::getUsername($_POST['target_id']);
|
||||||
|
}
|
||||||
|
|
||||||
|
$webUser = new WebUsers();
|
||||||
|
$reply = $webUser->checkEmail($_POST['NewEmail']);
|
||||||
|
if ( $reply != "success" ){
|
||||||
|
$result['EMAIL_ERROR'] = 'TRUE';
|
||||||
|
}else{
|
||||||
|
$result['EMAIL_ERROR'] = 'FALSE';
|
||||||
|
}
|
||||||
|
$result['prevNewEmail'] = $_POST["NewEmail"];
|
||||||
|
|
||||||
|
if ($reply== "success"){
|
||||||
|
$status = WebUsers::setEmail($target_username, $_POST["NewEmail"] );
|
||||||
|
if($status == 'ok'){
|
||||||
|
$result['SUCCESS_MAIL'] = "OK";
|
||||||
|
}else if($status == 'shardoffline'){
|
||||||
|
$result['SUCCESS_MAIL'] = "SHARDOFF";
|
||||||
|
}
|
||||||
|
$result['permission'] = $_SESSION['permission'];
|
||||||
|
$result['no_visible_elements'] = 'FALSE';
|
||||||
|
$result['target_id'] = $_POST['target_id'];
|
||||||
|
if(isset($_GET['id'])){
|
||||||
|
if(WebUsers::isAdmin() && ($_POST['target_id'] != $_SESSION['id'])){
|
||||||
|
$result['isAdmin'] = "TRUE";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
helpers :: loadtemplate( 'settings', $result);
|
||||||
|
exit;
|
||||||
|
|
||||||
|
}else{
|
||||||
|
$result['EMAIL'] = $reply;
|
||||||
|
$result['permission'] = $_SESSION['permission'];
|
||||||
|
$result['no_visible_elements'] = 'FALSE';
|
||||||
|
$return['username'] = $_SESSION['user'];
|
||||||
|
$result['target_id'] = $_POST['target_id'];
|
||||||
|
if(isset($_GET['id'])){
|
||||||
|
if(WebUsers::isAdmin() && ($_POST['target_id'] != $_SESSION['id'])){
|
||||||
|
$result['isAdmin'] = "TRUE";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
helpers :: loadtemplate( 'settings', $result);
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
}else{
|
||||||
|
//ERROR: permission denied!
|
||||||
|
}
|
||||||
|
|
||||||
|
}else{
|
||||||
|
//ERROR: The form was not filled in correclty
|
||||||
|
}
|
||||||
|
}else{
|
||||||
|
//ERROR: user is not logged in
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
}catch (PDOException $e) {
|
||||||
|
//go to error page or something, because can't access website db
|
||||||
|
print_r($e);
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
|
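Review bot: The catch block at the end of change_mail() sends `print_r($e)` to the browser, and a dumped PDOException exposes the message, file paths and stack trace of the failed database call to whoever triggered it. Log it server-side and render a generic error instead, e.g. `error_log($e->getMessage());` followed by the error template. The permission-denied and form-not-filled branches are empty, so a rejected request produces neither a response nor a log entry that would let an operator notice repeated attempts against other accounts' `target_id`. The handler also changes the account's email without asking for the current password, and no request token is checked in this file; if index.php does not verify one before dispatching, that check belongs here.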
@ -18,7 +18,6 @@ function change_password(){
|
||||||
$adminChangesOther = true;
|
$adminChangesOther = true;
|
||||||
$_POST["CurrentPass"] = "dummypass";
|
$_POST["CurrentPass"] = "dummypass";
|
||||||
}
|
}
|
||||||
$id = $_POST['target_id'];
|
|
||||||
|
|
||||||
$webUser = new WebUsers();
|
$webUser = new WebUsers();
|
||||||
$params = Array( 'user' => $target_username, 'CurrentPass' => $_POST["CurrentPass"], 'NewPass' => $_POST["NewPass"], 'ConfirmNewPass' => $_POST["ConfirmNewPass"], 'adminChangesOther' => $adminChangesOther);
|
$params = Array( 'user' => $target_username, 'CurrentPass' => $_POST["CurrentPass"], 'NewPass' => $_POST["NewPass"], 'ConfirmNewPass' => $_POST["ConfirmNewPass"], 'adminChangesOther' => $adminChangesOther);
|
||||||
|
@ -29,9 +28,9 @@ function change_password(){
|
||||||
$hashpass = crypt($_POST["NewPass"], WebUsers::generateSALT());
|
$hashpass = crypt($_POST["NewPass"], WebUsers::generateSALT());
|
||||||
$status = WebUsers::setPassword($target_username, $hashpass);
|
$status = WebUsers::setPassword($target_username, $hashpass);
|
||||||
if($status == 'ok'){
|
if($status == 'ok'){
|
||||||
$succresult['SUCCESS'] = "OK";
|
$succresult['SUCCESS_PASS'] = "OK";
|
||||||
}else if($status == 'shardoffline'){
|
}else if($status == 'shardoffline'){
|
||||||
$succresult['SUCCESS'] = "SHARDOFF";
|
$succresult['SUCCESS_PASS'] = "SHARDOFF";
|
||||||
}
|
}
|
||||||
$succresult['permission'] = $_SESSION['permission'];
|
$succresult['permission'] = $_SESSION['permission'];
|
||||||
$succresult['no_visible_elements'] = 'FALSE';
|
$succresult['no_visible_elements'] = 'FALSE';
|
||||||
|
@ -51,6 +50,7 @@ function change_password(){
|
||||||
$result['prevConfirmNewPass'] = $_POST["ConfirmNewPass"];
|
$result['prevConfirmNewPass'] = $_POST["ConfirmNewPass"];
|
||||||
$result['permission'] = $_SESSION['permission'];
|
$result['permission'] = $_SESSION['permission'];
|
||||||
$result['no_visible_elements'] = 'FALSE';
|
$result['no_visible_elements'] = 'FALSE';
|
||||||
|
$return['username'] = $_SESSION['user'];
|
||||||
$result['target_id'] = $_POST['target_id'];
|
$result['target_id'] = $_POST['target_id'];
|
||||||
if(isset($_GET['id'])){
|
if(isset($_GET['id'])){
|
||||||
if(WebUsers::isAdmin() && ($_POST['target_id'] != $_SESSION['id'])){
|
if(WebUsers::isAdmin() && ($_POST['target_id'] != $_SESSION['id'])){
|
||||||
|
|
|
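Review bot: The added line `$return['username'] = $_SESSION['user'];` writes to `$return`, while every neighbouring line fills `$result`, so the username looks like it never reaches the template. It probably should read `$result['username'] = $_SESSION['user'];`. The same assignment appears in the error branch of the new change_mail() function, where `$result` is the array handed to `helpers :: loadtemplate`. change_password() starts and ends outside these hunks, so a later use of `$return` cannot be ruled out from here.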
@ -8,10 +8,12 @@ function settings(){
|
||||||
$result['isAdmin'] = "TRUE";
|
$result['isAdmin'] = "TRUE";
|
||||||
}
|
}
|
||||||
$result['target_id'] = $_GET['id'];
|
$result['target_id'] = $_GET['id'];
|
||||||
|
$result['current_mail'] = WebUsers::getEmail($_GET['id']);
|
||||||
}else{
|
}else{
|
||||||
$result['target_id'] = $_SESSION['id'];
|
$result['target_id'] = $_SESSION['id'];
|
||||||
|
$result['current_mail'] = WebUsers::getEmail($_SESSION['id']);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $result;
|
return $result;
|
||||||
}else{
|
}else{
|
||||||
//ERROR: not logged in!
|
//ERROR: not logged in!
|
||||||
|
|
|
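Review bot: `WebUsers::getEmail($_GET['id'])` sits outside the `isAdmin` block that closes two lines above it, so from what the hunk shows any logged-in user who supplies an `id` parameter gets that account's email address placed in `current_mail`. If an ownership or admin check earlier in settings() does not already stop the request, guard the lookup with the same condition change_mail() uses: `if ($_GET['id'] == $_SESSION['id'] || WebUsers::isAdmin())`. The start of settings() is outside the hunk, so this needs confirming against the full function.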
@ -52,15 +52,15 @@
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
{if isset($SUCCESS) and $SUCCESS eq "OK"}
|
{if isset($SUCCESS_PASS) and $SUCCESS_PASS eq "OK"}
|
||||||
<div class="alert alert-success">
|
<div class="alert alert-success">
|
||||||
Your password has been changed!
|
The password has been changed!
|
||||||
</div>
|
</div>
|
||||||
{/if}
|
{/if}
|
||||||
|
|
||||||
{if isset($SUCCESS) and $SUCCESS eq "SHARDOFF"}
|
{if isset($SUCCESS_PASS) and $SUCCESS_PASS eq "SHARDOFF"}
|
||||||
<div class="alert alert-warning">
|
<div class="alert alert-warning">
|
||||||
Your password has been changed, though the shard seems offline, it may take some time to see the change on the shard.
|
The password has been changed, though the shard seems offline, it may take some time to see the change on the shard.
|
||||||
</div>
|
</div>
|
||||||
{/if}
|
{/if}
|
||||||
|
|
||||||
|
@ -87,18 +87,34 @@
|
||||||
</div>
|
</div>
|
||||||
<div class="box-content">
|
<div class="box-content">
|
||||||
<div class="row-fluid">
|
<div class="row-fluid">
|
||||||
<form id="changeEmail" class="form-vertical" method="post" action="index.php">
|
<form id="changeEmail" class="form-vertical" method="post" action="index.php?page=settings&id={$target_id}">
|
||||||
<legend>Change Email</legend>
|
<legend>Change Email</legend>
|
||||||
<div class="control-group">
|
<div class="control-group {if isset($EMAIL_ERROR) and $EMAIL_ERROR eq "TRUE"}error{/if}">
|
||||||
<label class="control-label">New Email</label>
|
<label class="control-label">New Email</label>
|
||||||
<div class="controls">
|
<div class="controls">
|
||||||
<div class="input-prepend">
|
<div class="input-prepend">
|
||||||
<span class="add-on" style="margin-left:5px;"><i class="icon-envelope"></i></span>
|
<span class="add-on" style="margin-left:5px;"><i class="icon-envelope"></i></span>
|
||||||
<input type="text" class="input-xlarge" id="NewEmail" name="NewEmail" placeholder="Your new email">
|
<input type="text" class="input-xlarge" id="NewEmail" name="NewEmail" placeholder="Your new email" {if isset($prevNewEmail)}value="{$prevNewEmail}"{else if isset($current_mail)}value="{$current_mail}"{/if}>
|
||||||
</div>
|
{if isset($EMAIL_ERROR) and $EMAIL_ERROR eq "TRUE"}<span class="help-inline">{$EMAIL}</span>{/if}
|
||||||
|
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<input type="hidden" name="function" value="change_email">
|
|
||||||
|
{if isset($SUCCESS_MAIL) and $SUCCESS_MAIL eq "OK"}
|
||||||
|
<div class="alert alert-success">
|
||||||
|
The email has been changed!
|
||||||
|
</div>
|
||||||
|
{/if}
|
||||||
|
|
||||||
|
{if isset($SUCCESS_MAIL) and $SUCCESS_MAIL eq "SHARDOFF"}
|
||||||
|
<div class="alert alert-warning">
|
||||||
|
The email has been changed, though the shard seems offline, it may take some time to see the change on the shard.
|
||||||
|
</div>
|
||||||
|
{/if}
|
||||||
|
|
||||||
|
<input type="hidden" name="function" value="change_mail">
|
||||||
|
<input type="hidden" name="target_id" value="{$target_id}">
|
||||||
<div class="control-group">
|
<div class="control-group">
|
||||||
<label class="control-label"></label>
|
<label class="control-label"></label>
|
||||||
<div class="controls">
|
<div class="controls">
|
||||||
|
|
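Review bot: The new attributes print request-derived values without an escape modifier: `value="{$prevNewEmail}"` is filled from `$_POST["NewEmail"]` even when validation failed, and `{$target_id}` goes into both the form `action` and a hidden field. Unless HTML auto-escaping is enabled on the Smarty instance, which this page does not show, these values are emitted into the markup as submitted. Write them as `{$prevNewEmail|escape}`, `{$current_mail|escape}` and, in the action URL, `{$target_id|escape:'url'}`. The form also carries no anti-forgery token field, which an email-change form should have.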