vcl-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jftho...@apache.org
Subject svn commit: r760144 - in /incubator/vcl/trunk/web: .ht-inc/errors.php .ht-inc/userpreferences.php js/code.js
Date Mon, 30 Mar 2009 20:12:46 GMT
Author: jfthomps
Date: Mon Mar 30 20:12:46 2009
New Revision: 760144

URL: http://svn.apache.org/viewvc?rev=760144&view=rev
Log:
VCL-124

errors.php:
added error 390: Failed to fetch salt while updating locally affiliated user password

userpreferences.php:
added define for LOCALPASSWORDERR
modified userpreferences:
-added section that shows up for users with affiliation Local that allows them to change their
passwords
-added check in updateinfo anchor area to only print updateText and its following br's if
it's not empty
modified confirmUserPrefs:
-added check for new password being submitted, in which case it will notify the user that
the password will be updated
modified submitUserPrefs:
-added block of code to update password for users with an affiliation of Local if they submit
a new password
modified processUserPrefsInput:
-added block of code to handle new password submission for users with an affiliation of Local

code.js:
added checkNewLocalPassword

Modified:
    incubator/vcl/trunk/web/.ht-inc/errors.php
    incubator/vcl/trunk/web/.ht-inc/userpreferences.php
    incubator/vcl/trunk/web/js/code.js

Modified: incubator/vcl/trunk/web/.ht-inc/errors.php
URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/errors.php?rev=760144&r1=760143&r2=760144&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/errors.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/errors.php Mon Mar 30 20:12:46 2009
@@ -189,6 +189,7 @@
 	"378" => "Failed to execute query 2 in updateResourcePrivs",
 	"380" => "Failed to fetch last insert id in submitBlockRequest",
 	"385" => "Failed to execute query in submitDeleteMgmtnode",
+	"390" => "Failed to fetch salt while updating locally affiliated user password",
 );
 
 $XMLRPCERRORS = array(

Modified: incubator/vcl/trunk/web/.ht-inc/userpreferences.php
URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/userpreferences.php?rev=760144&r1=760143&r2=760144&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/userpreferences.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/userpreferences.php Mon Mar 30 20:12:46 2009
@@ -28,6 +28,8 @@
 define("HEIGHTERR", 1 << 2);
 /// signifies an error with submitted viewasuser id
 define("VIEWASUSERERR", 1 << 3);
+/// signifies an error with submitted new password
+define("LOCALPASSWORDERR", 1 << 4);
 
 ////////////////////////////////////////////////////////////////////////////////
 ///
@@ -122,10 +124,44 @@
 	print "          <TD>" . $user["email"] . "</TD>\n";
 	print "          <TD></TD>\n";
 	print "        </TR>\n";
+	if($user['affiliation'] == 'Local') {
+		print "        <TR>\n";
+		print "          <TD colspan=3 align=center><h3>Change Password</h3></TD>\n";
+		print "        </TR>\n";
+		print "        <TR>\n";
+		print "          <TH align=right>Current Password:</TH>\n";
+		print "          <TD>\n";
+		print "            <label class=hidden for=currentpassword>Current Password</label>\n";
+		print "            <INPUT type=password name=currentpassword maxlength=100 size=15>\n";
+		print "          </TD>\n";
+		print "          <TD>";
+		printSubmitErr(LOCALPASSWORDERR);
+		print "</TD>\n";
+		print "        </TR>\n";
+		print "        <TR>\n";
+		print "          <TH align=right>New Password:</TH>\n";
+		print "          <TD>\n";
+		print "            <label class=hidden for=newpassword>New Password</label>\n";
+		print "            <INPUT type=password name=newpassword maxlength=100 ";
+		print "id=newpassword onkeyup=\"checkNewLocalPassword();\" size=15>\n";
+		print "          </TD>\n";
+		print "          <TD></TD>\n";
+		print "        </TR>\n";
+		print "        <TR>\n";
+		print "          <TH align=right>Confirm Password:</TH>\n";
+		print "          <TD>\n";
+		print "            <label class=hidden for=confirmpassword>Confirm Password</label>\n";
+		print "            <INPUT type=password name=confirmpassword maxlength=100 ";
+		print "id=confirmpassword onkeyup=\"checkNewLocalPassword();\" size=15>\n";
+		print "          </TD>\n";
+		print "          <TD><span id=pwdstatus></span></TD>\n";
+		print "        </TR>\n";
+	}
 	print "      </table>\n";
 	$updateText = getAffiliationDataUpdateText($user['affiliationid']);
-	print "<a name=updateinfo></a>{$updateText[$user['affiliationid']]}";
-	print "<br><br>\n";
+	print "<a name=updateinfo></a>\n";
+	if(! empty($updateText[$user['affiliationid']]))
+		print "{$updateText[$user['affiliationid']]}<br><br>";
 	$cont = addContinuationsEntry('confirmpersonalprefs', array(), SECINDAY, 1, 1, 1);
 	print "      <INPUT type=hidden name=continuation value=\"$cont\">\n";
 	print "      <div align=center>\n";
@@ -323,7 +359,7 @@
 ///
 ////////////////////////////////////////////////////////////////////////////////
 function confirmUserPrefs($type) {
-	global $submitErr;
+	global $submitErr, $user;
 
 	$data = processUserPrefsInput(1);
 
@@ -359,6 +395,10 @@
 		print "    <TD>" . $data["preferredname"] . "</TD>\n";
 		print "  </TR>\n";
 		print "</table>\n";
+		if($user['affiliation'] == 'Local' &&
+		   ! empty($data['newpassword'])) {
+			print "New password will be submitted<br>\n";
+		}
 	}
 	elseif($type == 1) {
 		print "<H2>RDP File Preferences</H2>\n";
@@ -431,6 +471,22 @@
 	                   $data["bpp"], $data["audiomode"], $data["mapdrives"],
 	                   $data["mapprinters"], $data["mapserial"])) {
 	}
+	if($user['affiliation'] == 'Local' &&
+	   ! empty($data['newpassword'])) {
+		$query = "SELECT l.salt "
+		       . "FROM localauth l, "
+		       .      "user u "
+		       . "WHERE u.id = '{$user['id']}' AND "
+		       .       "l.userid = u.id";
+		$qh = doQuery($query, 101);
+		if(! ($row = mysql_fetch_assoc($qh)))
+			abort();
+		$passhash = sha1("{$data['newpassword']}{$row['salt']}");
+		$query = "UPDATE localauth "
+		       . "SET passhash = '$passhash' "
+		       . "WHERE userid = {$user['id']}";
+		doQuery($query, 101);
+	}
 	$user = getUserInfo($user["id"]);
 	$_SESSION['user'] = $user;
 	userpreferences();
@@ -533,6 +589,27 @@
 	   $submitErr |= VIEWASUSERERR;
 	   $submitErrMsg[VIEWASUSERERR] = "Invalid user id";
 	}
+	if($user['affiliation'] == 'Local') {
+		$return['newpassword'] = $_POST['newpassword'];
+		$confirmpwd = $_POST['confirmpassword'];
+		$curr = $_POST['currentpassword'];
+		if(get_magic_quotes_gpc()) {
+			$return['newpassword'] = stripslashes($return['newpassword']);
+			$confirmpwd = stripslashes($confirmpwd);
+			$curr = stripslashes($curr);
+		}
+		if(! empty($return['newpassword']) && ! empty($confirmpwd) &&
+		   ! validateLocalAccount($user['unityid'], $curr)) {
+			$submitErr |= LOCALPASSWORDERR;
+			$submitErrMsg[LOCALPASSWORDERR] = "Password incorrect";
+		}
+		elseif((empty($return['newpassword']) && ! empty($confirmpwd)) ||
+		   (! empty($return['newpassword']) && empty($confirmpwd)) ||
+		   ($return['newpassword'] != $confirmpwd)) {
+			$submitErr |= LOCALPASSWORDERR;
+			$submitErrMsg[LOCALPASSWORDERR] = "Passwords do not match";
+		}
+	}
 	return $return;
 }
 

Modified: incubator/vcl/trunk/web/js/code.js
URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/web/js/code.js?rev=760144&r1=760143&r2=760144&view=diff
==============================================================================
--- incubator/vcl/trunk/web/js/code.js (original)
+++ incubator/vcl/trunk/web/js/code.js Mon Mar 30 20:12:46 2009
@@ -884,3 +884,18 @@
    obj.style.top = my - y - obj.clientWidth;
    obj.style.zIndex = 10;
 }
+
+function checkNewLocalPassword() {
+	var pwd1 = document.getElementById('newpassword');
+	var pwd2 = document.getElementById('confirmpassword');
+	var stat = document.getElementById('pwdstatus');
+	if(pwd1.value == "" && pwd2.value == "") {
+		stat.innerHTML = '';
+	}
+	else if(pwd1.value == pwd2.value) {
+		stat.innerHTML = '<font color="#008000">match</font>';
+	}
+	else {
+		stat.innerHTML = '<font color="red">no match</font>';
+	}
+}



Mime
View raw message