Seperates password edition from xnet profile edition, removes account deletion.

Signed-off-by: Stéphane Jacob <sj@m4x.org>

diff --git a/classes/xnetpage.php b/classes/xnetpage.php
index 610f26c..e2075b0 100644 (file)
--- a/classes/xnetpage.php
+++ b/classes/xnetpage.php
@@ -83,6 +83,7 @@ class XnetPage extends PlPage
         $sub['documentation']     = 'Xnet';
         if (S::user()->type == 'xnet') {
             $sub['mon compte'] = 'edit';
+            $sub['mon mot de passe'] = 'password';
         }
         $sub['signaler un bug']   = array('href' => 'send_bug/'.$_SERVER['REQUEST_URI'], 'class' => 'popup_840x600');
         $menu["no_title"]   = $sub;

diff --git a/modules/platal.php b/modules/platal.php
index 29821a6..d3d3cd4 100644 (file)
--- a/modules/platal.php
+++ b/modules/platal.php
@@ -229,6 +229,7 @@ class PlatalModule extends PLModule
 
         $page->changeTpl('platal/password.tpl');
         $page->setTitle('Mon mot de passe');
+        $page->assign('do_auth', false);
     }
 
     function handler_smtppass($page)
@@ -396,6 +397,7 @@ Adresse de secours : " . Post::v('email') : ""));
                                        $uid);
             $page->changeTpl('platal/password.tpl');
             $page->assign('hruid', $hruid);
+            $page->assign('do_auth', true);
         }
     }
 

diff --git a/modules/xnet.php b/modules/xnet.php
index 45bc80f..6e54d38 100644 (file)
--- a/modules/xnet.php
+++ b/modules/xnet.php
@@ -36,6 +36,7 @@ class XnetModule extends PLModule
             'login/ext'   => $this->make_hook('login_ext', AUTH_PUBLIC),
             'register/ext' => $this->make_hook('register_ext', AUTH_PUBLIC),
             'edit'        => $this->make_hook('edit',      AUTH_MDP, 'user'),
+            'password'    => $this->make_hook('password',  AUTH_MDP, 'user'),
 
             'Xnet'        => $this->make_wiki_hook(),
         );
@@ -271,6 +272,7 @@ class XnetModule extends PLModule
             $page->changeTpl('platal/password.tpl');
             $page->assign('xnet', true);
             $page->assign('hruid', $res['hruid']);
+            $page->assign('do_auth', true);
         }
     }
 
@@ -290,13 +292,6 @@ class XnetModule extends PLModule
         if (Post::has('change')) {
             S::assert_xsrf_token();
 
-            if ($user->groupCount() == 0 && Post::t('delete') == 'OUI') {
-                XDB::execute('DELETE FROM  accounts
-                                    WHERE  uid = {?}',
-                             $user->id());
-                pl_redirect('index');
-            }
-
             // Convert user status to X
             if (!Post::blank('login_X')) {
                 $forlife = $this->changeLogin($page, $user, Post::t('login_X'));
@@ -312,13 +307,6 @@ class XnetModule extends PLModule
                          WHERE  uid = {?}',
                        Post::t('full_name'), Post::t('directory_name'), Post::t('display_name'),
                        (Post::t('sex') == 'male') ? 'male' : 'female', Post::t('email'), $user->id());
-            // If user is of type xnet and new password is given.
-            if (!Post::blank('pwhash')) {
-                XDB::query('UPDATE  accounts
-                               SET  password = {?}
-                             WHERE  uid = {?}',
-                           Post::t('pwhash'), $user->id());
-            }
             if (XDB::affectedRows()) {
                 $page->trigSuccess('Données mises à jour.');
             }
@@ -327,6 +315,27 @@ class XnetModule extends PLModule
         $page->addJsLink('password.js');
         $page->assign('user', $user);
     }
+
+    function handler_password ($page)
+    {
+        if (Post::has('pwhash') && Post::t('pwhash'))  {
+            S::assert_xsrf_token();
+
+            S::set('password', $password = Post::t('pwhash'));
+            XDB::execute('UPDATE  accounts
+                             SET  password = {?}
+                           WHERE  uid={?}', $password,
+                         S::i('uid'));
+            S::logger()->log('passwd');
+            Platal::session()->setAccessCookie(true);
+            $page->changeTpl('platal/password.success.tpl');
+            $page->run();
+        }
+
+        $page->changeTpl('platal/password.tpl');
+        $page->assign('xnet_reset', true);
+        $page->assign('do_auth', false);
+    }
 }
 
 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:

diff --git a/templates/platal/password.tpl b/templates/platal/password.tpl
index 94dd077..5fb0c51 100644 (file)
--- a/templates/platal/password.tpl
+++ b/templates/platal/password.tpl
@@ -31,8 +31,9 @@
   Attention au type de clavier que tu utilises (qwerty ?) et aux majuscules/minuscules.
 </p>
 <p>
-  Pour une sécurité optimale, le mot de passe circule de manière chiffrée (https) et est
-  stocké chiffré irréversiblement sur nos serveurs.
+  Pour une sécurité optimale, le mot de passe
+  {if !t($xnet)}{if !t($xnet_reset)} circule de manière chiffrée (https) et{/if}{/if}
+  est stocké chiffré irréversiblement sur nos serveurs.
 </p>
 <br />
 <fieldset style="width: 70%; margin-left: 15%">
@@ -80,7 +81,7 @@
       <tr>
         <td colspan="2" class="center">
           <input type="hidden" name="pwhash" value="" />
-          <input type="submit" value="{if t($xnet)}Créer{else}Changer{/if}" name="submitn" onclick="return hashResponse('new1', 'new2', true, true);" />
+          <input type="submit" value="{if t($xnet)}Créer{else}Changer{/if}" name="submitn" onclick="return hashResponse('new1', 'new2', true, {$do_auth});" />
         </td>
       </tr>
     </table>
@@ -101,7 +102,7 @@
   </div>
 </form>
 
-{if !t($xnet)}
+{if !t($xnet)}{if !t($xnet_reset)}
 <p>
   Note bien qu'il s'agit là du mot de passe te permettant de t'authentifier sur le site {#globals.core.sitename#}&nbsp;;
   le mot de passe te permettant d'utiliser le serveur <a
@@ -110,6 +111,6 @@
   de {#globals.core.sitename#} (si tu as <a href="./password/smtp">activé l'accès SMTP et NNTP</a>)
   est indépendant de celui-ci et tu peux le modifier <a href="./password/smtp">ici</a>.
 </p>
-{/if}
+{/if}{/if}
 
 {* vim:set et sw=2 sts=2 sws=2 enc=utf-8: *}

diff --git a/templates/xnet/edit.tpl b/templates/xnet/edit.tpl
index 02c8ed6..2c86608 100644 (file)
--- a/templates/xnet/edit.tpl
+++ b/templates/xnet/edit.tpl
@@ -71,22 +71,6 @@
       </td>
     </tr>
     <tr class="impair">
-      <td class="titre">Mot de passe&nbsp;:</td>
-      <td>
-        <input type="text" name="password1" size="10" maxlength="256" value="********" />
-        <input type="hidden" name="pwhash" value="" />
-      </td>
-    </tr>
-    <tr class="impair">
-      <td class="titre">Retape-le une fois&nbsp;:</td>
-      <td>
-        <input type="text" name="password2" size="10" maxlength="256" value="" />
-      </td>
-    </tr>
-    <tr>
-      <td></td>
-      <td>{checkpasswd prompt="password1" submit="dummy_none"}</td>
-    </tr>
     <tr id="make_X">
       <td colspan="2">
         <span id="make_X_cb">
@@ -100,12 +84,6 @@
       </td>
     </tr>
   </table>
-  {if $user->groupCount() eq 0}
-  <p>
-    Supprimer mon compte&nbsp;:&nbsp;<input type="text" name="delete" value="NON" size="3" maxlength="3" /><br />
-    <small>(Écrire « OUI » en majuscule pour que la suppression soit prise en compte.)</small>
-  </p>
-  {/if}
 
   <div class="center">
     <br />