diff options
| author | Bjoern Schiessle <bjoern@schiessle.org> | 2016-06-27 11:30:13 +0200 |
|---|---|---|
| committer | Bjoern Schiessle <bjoern@schiessle.org> | 2016-06-27 14:08:11 +0200 |
| commit | 2a990a0db5199ac842b50b580300bbeb2d2e794c (patch) | |
| tree | ad76ae23635def5b724005ae6b13b25d6b3d4def /settings | |
| parent | d4989c80379d4cac71ae76ec8df79090f2e4c25f (diff) | |
| download | nextcloud-server-2a990a0db5199ac842b50b580300bbeb2d2e794c.tar.gz nextcloud-server-2a990a0db5199ac842b50b580300bbeb2d2e794c.zip | |
verify user password on change
Diffstat (limited to 'settings')
| -rw-r--r-- | settings/ChangePassword/Controller.php | 31 | ||||
| -rw-r--r-- | settings/js/personal.js | 30 | ||||
| -rw-r--r-- | settings/templates/personal.php | 3 |
3 files changed, 41 insertions, 23 deletions
diff --git a/settings/ChangePassword/Controller.php b/settings/ChangePassword/Controller.php index 1f3ea1b446a..94fb1e4e7a2 100644 --- a/settings/ChangePassword/Controller.php +++ b/settings/ChangePassword/Controller.php @@ -30,6 +30,8 @@ */ namespace OC\Settings\ChangePassword; +use OC\HintException; + class Controller { public static function changePersonalPassword($args) { // Check if we are an user @@ -39,17 +41,22 @@ class Controller { $username = \OC_User::getUser(); $password = isset($_POST['personal-password']) ? $_POST['personal-password'] : null; $oldPassword = isset($_POST['oldpassword']) ? $_POST['oldpassword'] : ''; + $l = new \OC_L10n('settings'); if (!\OC_User::checkPassword($username, $oldPassword)) { - $l = new \OC_L10n('settings'); \OC_JSON::error(array("data" => array("message" => $l->t("Wrong password")) )); exit(); } - if (!is_null($password) && \OC_User::setPassword($username, $password)) { - \OC::$server->getUserSession()->updateSessionTokenPassword($password); - \OC_JSON::success(); - } else { - \OC_JSON::error(); + + try { + if (!is_null($password) && \OC_User::setPassword($username, $password)) { + \OC::$server->getUserSession()->updateSessionTokenPassword($password); + \OC_JSON::success(['data' => ['message' => $l->t('Saved')]]); + } else { + \OC_JSON::error(); + } + } catch (HintException $e) { + \OC_JSON::error(['data' => ['message' => $e->getHint()]]); } } @@ -150,10 +157,14 @@ class Controller { } } else { // if encryption is disabled, proceed - if (!is_null($password) && \OC_User::setPassword($username, $password)) { - \OC_JSON::success(array('data' => array('username' => $username))); - } else { - \OC_JSON::error(array('data' => array('message' => $l->t('Unable to change password')))); + try { + if (!is_null($password) && \OC_User::setPassword($username, $password)) { + \OC_JSON::success(array('data' => array('username' => $username))); + } else { + \OC_JSON::error(array('data' => array('message' => $l->t('Unable to change password')))); + } + } catch (HintException $e) { + \OC_JSON::error(array('data' => array('message' => $e->getHint()))); } } } diff --git a/settings/js/personal.js b/settings/js/personal.js index c9e575afd6b..16a8d184da6 100644 --- a/settings/js/personal.js +++ b/settings/js/personal.js @@ -192,6 +192,7 @@ $(document).ready(function () { $('#pass2').showPassword().keyup(); } $("#passwordbutton").click(function () { + OC.msg.startSaving('#password-error-msg'); var isIE8or9 = $('html').hasClass('lte9'); // FIXME - TODO - once support for IE8 and IE9 is dropped // for IE8 and IE9 this will check additionally if the typed in password @@ -208,25 +209,32 @@ $(document).ready(function () { if (data.status === "success") { $('#pass1').val(''); $('#pass2').val('').change(); - // Hide a possible errormsg and show successmsg - $('#password-changed').removeClass('hidden').addClass('inlineblock'); - $('#password-error').removeClass('inlineblock').addClass('hidden'); + OC.msg.finishedSaving('#password-error-msg', data); } else { if (typeof(data.data) !== "undefined") { - $('#password-error').text(data.data.message); + OC.msg.finishedSaving('#password-error-msg', data); } else { - $('#password-error').text(t('Unable to change password')); + OC.msg.finishedSaving('#password-error-msg', + { + 'status' : 'error', + 'data' : { + 'message' : t('core', 'Unable to change password') + } + } + ); } - // Hide a possible successmsg and show errormsg - $('#password-changed').removeClass('inlineblock').addClass('hidden'); - $('#password-error').removeClass('hidden').addClass('inlineblock'); } }); return false; } else { - // Hide a possible successmsg and show errormsg - $('#password-changed').removeClass('inlineblock').addClass('hidden'); - $('#password-error').removeClass('hidden').addClass('inlineblock'); + OC.msg.finishedSaving('#password-error-msg', + { + 'status' : 'error', + 'data' : { + 'message' : t('core', 'Unable to change password') + } + } + ); return false; } diff --git a/settings/templates/personal.php b/settings/templates/personal.php index e86a84dfa08..716570cad84 100644 --- a/settings/templates/personal.php +++ b/settings/templates/personal.php @@ -118,8 +118,7 @@ if($_['passwordChangeSupported']) { ?> <form id="passwordform" class="section"> <h2 class="inlineblock"><?php p($l->t('Password'));?></h2> - <div class="hidden icon-checkmark" id="password-changed"></div> - <div class="hidden" id="password-error"><?php p($l->t('Unable to change your password'));?></div> + <div id="password-error-msg" class="msg success inlineblock" style="display: none;">Saved</div> <br> <label for="pass1" class="hidden-visually"><?php echo $l->t('Current password');?>: </label> <input type="password" id="pass1" name="oldpassword" |