Diffstat (limited to 'engine/lib/user_settings.php')
| -rw-r--r-- | engine/lib/user_settings.php | 54 |
1 files changed, 37 insertions, 17 deletions
diff --git a/engine/lib/user_settings.php b/engine/lib/user_settings.php index 7c29e73c1..0e36dc46d 100644 --- a/engine/lib/user_settings.php +++ b/engine/lib/user_settings.php @@ -33,18 +33,18 @@ function users_settings_save() { * @access private */ function elgg_set_user_password() { - $current_password = get_input('current_password'); - $password = get_input('password'); - $password2 = get_input('password2'); - $user_id = get_input('guid'); + $current_password = get_input('current_password', null, false); + $password = get_input('password', null, false); + $password2 = get_input('password2', null, false); + $user_guid = get_input('guid'); - if (!$user_id) { + if (!$user_guid) { $user = elgg_get_logged_in_user_entity(); } else { - $user = get_entity($user_id); + $user = get_entity($user_guid); } - if (($user) && ($password != "")) { + if ($user && $password) { // let admin user change anyone's password without knowing it except his own. if (!elgg_is_admin_logged_in() || elgg_is_admin_logged_in() && $user->guid == elgg_get_logged_in_user_guid()) { $credentials = array( @@ -52,13 +52,22 @@ function elgg_set_user_password() { 'password' => $current_password ); - if (!pam_auth_userpass($credentials)) { - register_error(elgg_echo('user:password:fail:incorrect_current_password')); + try { + pam_auth_userpass($credentials); + } catch (LoginException $e) { + register_error(elgg_echo('LoginException:ChangePasswordFailure')); return false; } } - if (strlen($password) >= 4) { + try { + $result = validate_password($password); + } catch (RegistrationException $e) { + register_error($e->getMessage()); + return false; + } + + if ($result) { if ($password == $password2) { $user->salt = generate_random_cleartext_password(); // Reset the salt $user->password = generate_user_password($user, $password); @@ -78,6 +87,7 @@ function elgg_set_user_password() { // no change return null; } + return false; } 
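Review bot: In `elgg_set_user_password()` (hunk `@@ -33,18 +33,18 @@`), `$user_guid` comes straight from request input and the result of `get_entity($user_guid)` is only tested for truthiness, so a guid that resolves to a non-user entity would reach the password logic. The new `$password` truthiness test also treats the password `"0"` as empty, which the removed `$password != ""` did not. A tighter guard covers both: `if ($user instanceof ElggUser && $password !== null && $password !== '') {`. The function body continues outside this hunk.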
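Review bot: The return value of `pam_auth_userpass($credentials)` is discarded in the `@@ -52,13 +52,22 @@` hunk, so only a thrown `LoginException` now counts as a failed current-password check, whereas the removed code rejected any falsy return. If any path in `pam_auth_userpass()` still returns `false` instead of throwing (its body is not visible here, and `current_password` now defaults to `null`), the password change would proceed without the current password having been verified. Keep the return check inside the `try`, e.g. `if (!pam_auth_userpass($credentials)) { throw new LoginException(elgg_echo('LoginException:ChangePasswordFailure')); }`. Separately, the context line `if ($password == $password2)` would be safer as `===`, because `==` compares numeric-looking strings by value.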
@@ -255,9 +265,9 @@ function elgg_set_user_default_access() { * @access private */ function usersettings_pagesetup() { - if (elgg_get_context() == "settings" && elgg_get_logged_in_user_guid()) { - $user = elgg_get_logged_in_user_entity(); + $user = elgg_get_page_owner_entity(); + if ($user && elgg_get_context() == "settings") { $params = array( 'name' => '1_account', 'text' => elgg_echo('usersettings:user:opt:linktext'), @@ -284,7 +294,7 @@ function usersettings_pagesetup() { * * @param array $page Pages array * - * @return void + * @return bool * @access private */ function usersettings_page_handler($page) { @@ -294,11 +304,11 @@ function usersettings_page_handler($page) { $page[0] = 'user'; } - if ($page[1]) { + if (isset($page[1])) { $user = get_user_by_username($page[1]); elgg_set_page_owner_guid($user->guid); } else { - $user = elgg_get_logged_in_user_guid(); + $user = elgg_get_logged_in_user_entity(); elgg_set_page_owner_guid($user->guid); } @@ -314,12 +324,15 @@ function usersettings_page_handler($page) { $path = $CONFIG->path . "pages/settings/tools.php"; break; case 'user': - default: $path = $CONFIG->path . "pages/settings/account.php"; break; } - require($path); + if (isset($path)) { + require $path; + return true; + } + return false; } /** @@ -334,6 +347,13 @@ function usersettings_init() { elgg_register_plugin_hook_handler('usersettings:save', 'user', 'users_settings_save'); elgg_register_action("usersettings/save"); + + // extend the account settings form + elgg_extend_view('forms/account/settings', 'core/settings/account/name', 100); + elgg_extend_view('forms/account/settings', 'core/settings/account/password', 100); + elgg_extend_view('forms/account/settings', 'core/settings/account/email', 100); + elgg_extend_view('forms/account/settings', 'core/settings/account/language', 100); + elgg_extend_view('forms/account/settings', 'core/settings/account/default_access', 100); } elgg_register_event_handler('init', 'system', 'usersettings_init'); |
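Review bot: The `elgg_get_logged_in_user_guid()` guard is dropped from `usersettings_pagesetup()` (hunk `@@ -255,9 +265,9 @@`), so the settings menu items are now registered for whatever entity is the page owner, whether or not a viewer is logged in or may edit that entity. Unless that is enforced elsewhere (not visible in this hunk), consider `if ($user && $user->canEdit() && elgg_get_context() == "settings") {`. The function body continues past the end of the hunk.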
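Review bot: In `usersettings_page_handler()` (hunk `@@ -294,11 +304,11 @@`), `$user->guid` is dereferenced without checking that a user was found. `get_user_by_username($page[1])` is fed a URL segment and presumably yields a falsy value for an unknown name, and `elgg_get_logged_in_user_entity()` has nothing to return for an anonymous visitor. Add `if (!$user) { return false; }` before each `elgg_set_page_owner_guid($user->guid);`, which also fits the new `@return bool` contract. The hunk shows no check that the viewer may manage the named user's settings; if the included page scripts do not enforce that, a `$user->canEdit()` test belongs here.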
