function module_pref_prefs($link) {
$subop = $_REQUEST["subop"];
+ if ($subop == "change-password") {
+
+ $old_pw = $_POST["OLD_PASSWORD"];
+ $new_pw = $_POST["NEW_PASSWORD"];
+ $con_pw = $_POST["CONFIRM_PASSWORD"];
+
+ if ($old_pw == "") {
+ print "ERROR: Old password cannot be blank.";
+ return;
+ }
+
+ if ($new_pw == "") {
+ print "ERROR: New password cannot be blank.";
+ return;
+ }
+
+ if ($new_pw != $con_pw) {
+ print "ERROR: Entered passwords do not match.";
+ return;
+ }
+
+ $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
+ $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
+
+ $active_uid = $_SESSION["uid"];
+
+ if ($old_pw && $new_pw) {
+
+ $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
+
+ $result = db_query($link, "SELECT id FROM ttrss_users WHERE
+ id = '$active_uid' AND (pwd_hash = '$old_pw' OR
+ pwd_hash = '$old_pw_hash')");
+
+ if (db_num_rows($result) == 1) {
+ db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
+ WHERE id = '$active_uid'");
+
+ print "Password has been changed.";
+ } else {
+ print "ERROR: Old password is incorrect.";
+ }
+ }
+
+ return;
+ }
+
if ($subop == "Save configuration") {
$_SESSION["prefs_op_result"] = "save-config";
return prefs_js_redirect();
- } else if ($subop == "Change password") {
-
- $old_pw = $_POST["OLD_PASSWORD"];
- $new_pw = $_POST["OLD_PASSWORD"];
-
- $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
- $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
-
- $active_uid = $_SESSION["uid"];
-
- if ($old_pw && $new_pw) {
-
- $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
-
- $result = db_query($link, "SELECT id FROM ttrss_users WHERE
- id = '$active_uid' AND (pwd_hash = '$old_pw' OR
- pwd_hash = '$old_pw_hash')");
-
- if (db_num_rows($result) == 1) {
- db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
- WHERE id = '$active_uid'");
-
- $_SESSION["pwd_change_result"] = "ok";
- } else {
- $_SESSION["pwd_change_result"] = "failed";
- }
- }
-
- return prefs_js_redirect();
-
} else if ($subop == "Reset to defaults") {
$_SESSION["prefs_op_result"] = "reset-to-defaults";
print format_warning("Your password is at default value, please change it.");
}
- if ($_SESSION["pwd_change_result"] == "failed") {
+/* if ($_SESSION["pwd_change_result"] == "failed") {
print format_warning("Could not change the password.");
}
print format_notice("Password was changed.");
}
- $_SESSION["pwd_change_result"] = "";
+ $_SESSION["pwd_change_result"] = ""; */
if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
print format_notice("The configuration was reset to defaults.");
print "</form>";
- print "<form action=\"backend.php\" method=\"POST\" name=\"changePassForm\">";
+ print "<form action=\"backend.php\" method=\"POST\"
+ name=\"change_pass_form\" id=\"change_pass_form\">";
print "<table width=\"100%\" class=\"prefPrefsList\">";
print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
print "<tr><td width=\"40%\">Old password</td>";
print "<td><input class=\"editbox\" type=\"password\"
+ onkeypress=\"return filterCR(event, changeUserPassword)\"
name=\"OLD_PASSWORD\"></td></tr>";
print "<tr><td width=\"40%\">New password</td>";
print "<td><input class=\"editbox\" type=\"password\"
+ onkeypress=\"return filterCR(event, changeUserPassword)\"
name=\"NEW_PASSWORD\"></td></tr>";
-
+
+ print "<tr><td width=\"40%\">Confirm password</td>";
+
+ print "<td><input class=\"editbox\" type=\"password\"
+ onkeypress=\"return filterCR(event, changeUserPassword)\"
+ name=\"CONFIRM_PASSWORD\"></td></tr>";
+
print "</table>";
print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
-
- print "<p><input class=\"button\" type=\"submit\"
- onclick=\"return validateNewPassword(this.form)\"
- value=\"Change password\" name=\"subop\">";
-
+ print "<input type=\"hidden\" name=\"subop\" value=\"change-password\">";
+
print "</form>";
+ print "<p><input class=\"button\" type=\"submit\"
+ onclick=\"return changeUserPassword()\"
+ value=\"Change password\">";
+
}
$result = db_query($link, "SELECT
}
}
-
function notify_callback() {
if (xmlhttp.readyState == 4) {
notify_info(xmlhttp.responseText);
}
}
+
+function changepass_callback() {
+ if (xmlhttp.readyState == 4) {
+
+ if (xmlhttp.responseText.indexOf("ERROR: ") == 0) {
+ notify_error(xmlhttp.responseText.replace("ERROR: ", ""));
+ } else {
+ notify_info(xmlhttp.responseText);
+ }
+
+ document.forms['change_pass_form'].reset();
+ }
+}
+
function updateFeedList(sort_key) {
if (!xmlhttp_ready(xmlhttp)) {
displayDlg('feedUpdateErrors');
}
+function changeUserPassword() {
+
+ try {
+
+ if (!xmlhttp_ready(xmlhttp)) {
+ printLockingError();
+ return false;
+ }
+
+ var query = Form.serialize("change_pass_form");
+
+ notify_progress("Trying to change password...");
+
+ xmlhttp.open("POST", "backend.php", true);
+ xmlhttp.onreadystatechange=changepass_callback;
+ xmlhttp.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
+ xmlhttp.send(query);
+
+ } catch (e) {
+ exception_error("changeUserPassword", e);
+ }
+
+ return false;
+}
projects / tt-rss.git / commitdiff