//return;
}
+ function defaultPasswordWarning() {
+
+ print_warning(__("You are using default tt-rss password. Please change it in the Preferences (Personal data / Authentication)."));
+
+ print "<div align='center'>";
+ print "<button dojoType=\"dijit.form.Button\" onclick=\"gotoPreferences()\">".
+ __('Open Preferences')."</button> ";
+ print "<button dojoType=\"dijit.form.Button\"
+ onclick=\"return closeInfoBox()\">".
+ __('Close this window')."</button>";
+ print "</div>";
+ }
}
\ No newline at end of file
$email = htmlspecialchars($row["email"]);
$full_name = htmlspecialchars($row["full_name"]);
- $otp_enabled = $row["otp_enabled"];
+ $otp_enabled = sql_bool_to_bool($row["otp_enabled"]);
print "<tr><td width=\"40%\">".__('Full name')."</td>";
print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"full_name\" required=\"1\"
$base32 = new Base32();
$login = $row["login"];
- $otp_enabled = $row["otp_enabled"];
+ $otp_enabled = sql_bool_to_bool($row["otp_enabled"]);
if (!$otp_enabled) {
$secret = $base32->encode(sha1($row["salt"]));
if ($authenticator->check_password($_SESSION["uid"], $password)) {
- $sth = $this->pdo->prepare("SELECT salt
+ $sth = $this->pdo->query("SELECT salt
FROM ttrss_users
WHERE id = ?");
$sth->execute([$_SESSION['uid']]);
}
+ static function isdefaultpassword() {
+ $authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]);
+
+ if ($authenticator->check_password($_SESSION["uid"], "password")) {
+ return true;
+ }
+
+ return false;
+ }
+
function otpdisable() {
$password = $_REQUEST["password"];
$params["default_view_limit"] = (int) get_pref("_DEFAULT_VIEW_LIMIT");
$params["default_view_order_by"] = get_pref("_DEFAULT_VIEW_ORDER_BY");
$params["bw_limit"] = (int) $_SESSION["bw_limit"];
+ $params["is_default_pw"] = Pref_Prefs::isdefaultpassword();
$params["label_base_index"] = (int) LABEL_BASE_INDEX;
$theme = get_pref( "USER_CSS_THEME", false, false);
hideOrShowFeeds(getInitParam("hide_read_feeds") == 1);
+ if (getInitParam("is_default_pw")) {
+ console.warn("user password is at default value");
+
+ var dialog = new dijit.Dialog({
+ title: __("Your password is at default value"),
+ href: "backend.php?op=dlg&method=defaultpasswordwarning",
+ id: 'infoBox',
+ style: "width: 600px",
+ onCancel: function() {
+ return true;
+ },
+ onExecute: function() {
+ return true;
+ },
+ onClose: function() {
+ return true;
+ }
+ });
+
+ dialog.show();
+ }
+
// bw_limit disables timeout() so we request initial counters separately
if (getInitParam("bw_limit") == "1") {
request_counters(true);