return;
}
- $result = db_query($this->link, "SELECT salt FROM ttrss_users WHERE
- id = " . $_SESSION['uid']);
-
- $salt = db_fetch_result($result, 0, "salt");
-
- if (!$salt) {
- $old_pw_hash1 = encrypt_password($old_pw);
- $old_pw_hash2 = encrypt_password($old_pw, $_SESSION["name"]);
-
- $query = "SELECT id FROM ttrss_users WHERE
- id = ".$_SESSION['uid']." AND (pwd_hash = '$old_pw_hash1' OR
- pwd_hash = '$old_pw_hash2')";
+ $module_class = "auth_" . $_SESSION["auth_module"];
+ $authenticator = new $module_class($this->link);
+ if (method_exists($authenticator, "change_password")) {
+ print $authenticator->change_password($_SESSION["uid"], $old_pw, $new_pw);
} else {
- $old_pw_hash = encrypt_password($old_pw, $salt, true);
-
- $query = "SELECT id FROM ttrss_users WHERE
- id = ".$_SESSION['uid']." AND pwd_hash = '$old_pw_hash'";
- }
-
- $result = db_query($this->link, $query);
-
- if (db_num_rows($result) == 1) {
-
- $new_salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
- $new_pw_hash = encrypt_password($new_pw, $new_salt, true);
-
- db_query($this->link, "UPDATE ttrss_users SET
- pwd_hash = '$new_pw_hash', salt = '$new_salt'
- WHERE id = ".$_SESSION['uid']);
-
- $_SESSION["pwd_hash"] = $new_pw_hash;
-
- print __("Password has been changed.");
- } else {
- print "ERROR: ".__('Old password is incorrect.');
+ print "ERROR: ".__("Function not supported by authentication module.");
}
}
$pref_name = db_escape_string($pref_name);
$value = db_escape_string($_POST[$pref_name]);
+ if ($pref_name == 'DIGEST_PREFERRED_TIME') {
+ if (get_pref($this->link, 'DIGEST_PREFERRED_TIME') != $value) {
+
+ db_query($this->link, "UPDATE ttrss_users SET
+ last_digest_sent = NULL WHERE id = " . $_SESSION['uid']);
+
+ }
+ }
+
set_pref($this->link, $pref_name, $value);
}
"SSL_CERT_SERIAL", "DIGEST_PREFERRED_TIME");
- if (!SINGLE_USER_MODE) {
+ $_SESSION["prefs_op_result"] = "";
- $_SESSION["prefs_op_result"] = "";
+ print "<div dojoType=\"dijit.layout.AccordionContainer\" region=\"center\">";
+ print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Personal data / Authentication')."\">";
- print "<div dojoType=\"dijit.layout.AccordionContainer\" region=\"center\">";
- print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Personal data / Authentication')."\">";
+ print "<form dojoType=\"dijit.form.Form\" id=\"changeUserdataForm\">";
- print "<form dojoType=\"dijit.form.Form\" id=\"changeUserdataForm\">";
+ print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">
+ evt.preventDefault();
+ if (this.validate()) {
+ notify_progress('Saving data...', true);
- print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">
- evt.preventDefault();
- if (this.validate()) {
- notify_progress('Saving data...', true);
+ new Ajax.Request('backend.php', {
+ parameters: dojo.objectToQuery(this.getValues()),
+ onComplete: function(transport) {
+ notify_callback2(transport);
+ } });
- new Ajax.Request('backend.php', {
- parameters: dojo.objectToQuery(this.getValues()),
- onComplete: function(transport) {
- notify_callback2(transport);
- } });
+ }
+ </script>";
- }
- </script>";
+ print "<table width=\"100%\" class=\"prefPrefsList\">";
- print "<table width=\"100%\" class=\"prefPrefsList\">";
+ $result = db_query($this->link, "SELECT email,full_name,
+ access_level FROM ttrss_users
+ WHERE id = ".$_SESSION["uid"]);
- $result = db_query($this->link, "SELECT email,full_name,
- access_level FROM ttrss_users
- WHERE id = ".$_SESSION["uid"]);
+ $email = htmlspecialchars(db_fetch_result($result, 0, "email"));
+ $full_name = htmlspecialchars(db_fetch_result($result, 0, "full_name"));
- $email = htmlspecialchars(db_fetch_result($result, 0, "email"));
- $full_name = htmlspecialchars(db_fetch_result($result, 0, "full_name"));
+ print "<tr><td width=\"40%\">".__('Full name')."</td>";
+ print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"full_name\" required=\"1\"
+ value=\"$full_name\"></td></tr>";
- print "<tr><td width=\"40%\">".__('Full name')."</td>";
- print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"full_name\" required=\"1\"
- value=\"$full_name\"></td></tr>";
+ print "<tr><td width=\"40%\">".__('E-mail')."</td>";
+ print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"email\" required=\"1\" value=\"$email\"></td></tr>";
- print "<tr><td width=\"40%\">".__('E-mail')."</td>";
- print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"email\" required=\"1\" value=\"$email\"></td></tr>";
+ if (!SINGLE_USER_MODE && !$_SESSION["hide_hello"]) {
- if (!SINGLE_USER_MODE) {
- $access_level = db_fetch_result($result, 0, "access_level");
- print "<tr><td width=\"40%\">".__('Access level')."</td>";
- print "<td>" . $access_level_names[$access_level] . "</td></tr>";
- }
+ $access_level = db_fetch_result($result, 0, "access_level");
+ print "<tr><td width=\"40%\">".__('Access level')."</td>";
+ print "<td>" . $access_level_names[$access_level] . "</td></tr>";
+ }
- print "</table>";
+ print "</table>";
- print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">";
- print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"changeemail\">";
+ print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">";
+ print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"changeemail\">";
- print "<p><button dojoType=\"dijit.form.Button\" type=\"submit\">".
- __("Save data")."</button>";
+ print "<p><button dojoType=\"dijit.form.Button\" type=\"submit\">".
+ __("Save data")."</button>";
- print "</form>";
+ print "</form>";
+
+ if ($_SESSION["auth_module"]) {
+ $module_class = "auth_" . $_SESSION["auth_module"];
+ $authenticator = new $module_class($this->link);
+ } else {
+ $authenticator = false;
+ }
+
+ if ($authenticator && method_exists($authenticator, "change_password")) {
$result = db_query($this->link, "SELECT id FROM ttrss_users
WHERE id = ".$_SESSION["uid"]." AND pwd_hash
print "</form>";
- print "</div>"; #pane
}
+ print "</div>"; #pane
+
print "<div dojoType=\"dijit.layout.AccordionPane\" selected=\"true\" title=\"".__('Preferences')."\">";
print "<form dojoType=\"dijit.form.Form\" id=\"changeSettingsForm\">";
$profile_qpart = "profile IS NULL";
}
- $result = db_query($this->link, "SELECT
+ $result = db_query($this->link, "SELECT DISTINCT
ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
section_name,def_value,section_id
FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
} else if ($pref_name == 'DIGEST_PREFERRED_TIME') {
print "<input dojoType=\"dijit.form.ValidationTextBox\"
- id=\"$pref_name\" regexp=\"[012]\d:\d\d\" placeHolder=\"12:00\"
+ id=\"$pref_name\" regexp=\"[012]?\d:\d\d\" placeHolder=\"12:00\"
name=\"$pref_name\" value=\"$value\"><div class=\"insensitive\">".
- T_sprintf("Current server time: %s", date("H:i")) . "</div>";
+ T_sprintf("Current server time: %s (UTC)", date("H:i")) . "</div>";
} else {
$regexp = ($type_name == 'integer') ? 'regexp="^\d*$"' : '';