authorvincent-peugnet <v.peugnet@free.fr>2020-05-18 09:47:58 +0200
committervincent-peugnet <v.peugnet@free.fr>2020-05-18 09:47:58 +0200
commit7baf75c9ee6a7ab3eaa8d35cb4709430426721cb (patch)
tree399205abab1a7ef3d4bfab5d61a07c089518ff46 /app/class
parentded1b2a19ee238543d561b6f26312458d2a43974 (diff)
upgrade user password management
- add confirm password option - remove maxlength - add dedicated flash messages
Diffstat (limited to 'app/class')
-rw-r--r--app/class/Controlleruser.php29
-rw-r--r--app/class/Routes.php1
-rw-r--r--app/class/User.php8
3 files changed, 32 insertions, 6 deletions
diff --git a/app/class/Controlleruser.php b/app/class/Controlleruser.php
index 0345434..1e61c1a 100644
--- a/app/class/Controlleruser.php
+++ b/app/class/Controlleruser.php
@@ -40,9 +40,6 @@ class Controlleruser extends Controller
} catch (RuntimeException $th) {
Model::sendflashmessage('There was a problem when updating preference : ' . $th->getMessage(), 'error');
}
- if ($_POST['passwordhash']) {
- $user->hashpassword();
- }
$this->usermanager->add($user);
$this->routedirect('user');
} else {
@@ -50,6 +47,32 @@ class Controlleruser extends Controller
}
}
+ public function password()
+ {
+ if ($this->user->iseditor()) {
+ if (
+ !empty($_POST['password1']) &&
+ !empty($_POST['password2']) &&
+ $_POST['password1'] === $_POST['password2']
+ ) {
+ if (
+ $this->user->setpassword($_POST['password1']) &&
+ $this->user->hashpassword() &&
+ $this->usermanager->add($this->user)
+ ) {
+ Model::sendflashmessage('password updated successfully', 'success');
+ } else {
+ Model::sendflashmessage("password is not compatible or an error occured", 'error');
+ }
+ } else {
+ Model::sendflashmessage("passwords does not match", "error");
+ }
+ $this->routedirect('user');
+ } else {
+ $this->routedirect('home');
+ }
+ }
+
public function bookmark()
{
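Review bot: password() replaces the stored password without asking for the current one, and no anti-CSRF token is checked in the visible lines, so a live editor session or a forged cross-site POST to this endpoint is enough to set a new password and lock the owner out. Add a third field and verify it against the stored hash before calling setpassword(), for example `password_verify($_POST['password0'], $storedhash)` as the first condition. Here `password0` and `$storedhash` are placeholder names, and the suggestion assumes hashpassword() is built on password_hash(), which this page does not show. The "passwords does not match" branch is also taken when either field is empty, so a separate message for that case would be more accurate. The method lies fully inside the hunk; bookmark() continues outside it.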
diff --git a/app/class/Routes.php b/app/class/Routes.php
index 13bd2ac..65d8444 100644
--- a/app/class/Routes.php
+++ b/app/class/Routes.php
@@ -47,6 +47,7 @@ class Routes
['POST', '/!user/update', 'Controlleruser#update', 'userupdate'],
['POST', '/!user/bookmark', 'Controlleruser#bookmark', 'userbookmark'],
['POST', '/!user/pref', 'Controlleruser#pref', 'userpref'],
+ ['POST', '/!user/password', 'Controlleruser#password', 'userpassword'],
['POST', '/!user/token', 'Controlleruser#token', 'usertoken'],
['GET', '/!info', 'Controllerinfo#desktop', 'info'],
['GET', '/!timeline', 'Controllertimeline#desktop', 'timeline'],
diff --git a/app/class/User.php b/app/class/User.php
index d9339c8..f9ea120 100644
--- a/app/class/User.php
+++ b/app/class/User.php
@@ -141,16 +141,18 @@ class User extends Item
}
}
- public function setpassword($password)
+ /**
+ * @return bool if password is compatible and set, otherwise flase
+ */
+ public function setpassword($password): bool
{
if (!empty($password) && is_string($password)) {
if (strlen($password) >= Model::PASSWORD_MIN_LENGTH && strlen($password) <= Model::PASSWORD_MAX_LENGTH) {
$this->password = $password;
return true;
- } else {
- return false;
}
}
+ return false;
}
public function setsignature(string $signature)
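Review bot: setpassword() leaves the plaintext in `$this->password` and returns true, so a hash is only stored if every caller runs hashpassword() before usermanager->add(). The first Controlleruser.php hunk removes the hashpassword() call that used to run when `$_POST['passwordhash']` was set, so it is worth confirming that this path can no longer fill `password` from request data. The length test uses strlen(), which counts bytes; if hashpassword() relies on bcrypt, input beyond 72 bytes is ignored, so Model::PASSWORD_MAX_LENGTH (its value is not shown here) should not exceed that. The docblock would read better as `@return bool true if the password is accepted and set, otherwise false`, which also fixes "flase".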