Author: jfthomps
Date: Mon Mar 30 20:12:46 2009
New Revision: 760144
URL: http://svn.apache.org/viewvc?rev=760144&view=rev
Log:
VCL-124
errors.php:
added error 390: Failed to fetch salt while updating locally affiliated user
password
userpreferences.php:
added define for LOCALPASSWORDERR
modified userpreferences:
-added section that shows up for users with affiliation Local that allows them
to change their passwords
-added check in updateinfo anchor area to only print updateText and its
following br's if it's not empty
modified confirmUserPrefs:
-added check for new password being submitted, in which case it will notify the
user that the password will be updated
modified submitUserPrefs:
-added block of code to update password for users with an affiliation of Local
if they submit a new password
modified processUserPrefsInput:
-added block of code to handle new password submission for users with an
affiliation of Local
code.js:
added checkNewLocalPassword
Modified:
incubator/vcl/trunk/web/.ht-inc/errors.php
incubator/vcl/trunk/web/.ht-inc/userpreferences.php
incubator/vcl/trunk/web/js/code.js
Modified: incubator/vcl/trunk/web/.ht-inc/errors.php
URL:
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/errors.php?rev=760144&r1=760143&r2=760144&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/errors.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/errors.php Mon Mar 30 20:12:46 2009
@@ -189,6 +189,7 @@
"378" => "Failed to execute query 2 in updateResourcePrivs",
"380" => "Failed to fetch last insert id in submitBlockRequest",
"385" => "Failed to execute query in submitDeleteMgmtnode",
+ "390" => "Failed to fetch salt while updating locally affiliated user
password",
);
$XMLRPCERRORS = array(
Modified: incubator/vcl/trunk/web/.ht-inc/userpreferences.php
URL:
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/userpreferences.php?rev=760144&r1=760143&r2=760144&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/userpreferences.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/userpreferences.php Mon Mar 30 20:12:46 2009
@@ -28,6 +28,8 @@
define("HEIGHTERR", 1 << 2);
/// signifies an error with submitted viewasuser id
define("VIEWASUSERERR", 1 << 3);
+/// signifies an error with submitted new password
+define("LOCALPASSWORDERR", 1 << 4);
////////////////////////////////////////////////////////////////////////////////
///
@@ -122,10 +124,44 @@
print " <TD>" . $user["email"] . "</TD>\n";
print " <TD></TD>\n";
print " </TR>\n";
+ if($user['affiliation'] == 'Local') {
+ print " <TR>\n";
+ print " <TD colspan=3 align=center><h3>Change
Password</h3></TD>\n";
+ print " </TR>\n";
+ print " <TR>\n";
+ print " <TH align=right>Current Password:</TH>\n";
+ print " <TD>\n";
+ print " <label class=hidden
for=currentpassword>Current Password</label>\n";
+ print " <INPUT type=password name=currentpassword
maxlength=100 size=15>\n";
+ print " </TD>\n";
+ print " <TD>";
+ printSubmitErr(LOCALPASSWORDERR);
+ print "</TD>\n";
+ print " </TR>\n";
+ print " <TR>\n";
+ print " <TH align=right>New Password:</TH>\n";
+ print " <TD>\n";
+ print " <label class=hidden for=newpassword>New
Password</label>\n";
+ print " <INPUT type=password name=newpassword
maxlength=100 ";
+ print "id=newpassword onkeyup=\"checkNewLocalPassword();\"
size=15>\n";
+ print " </TD>\n";
+ print " <TD></TD>\n";
+ print " </TR>\n";
+ print " <TR>\n";
+ print " <TH align=right>Confirm Password:</TH>\n";
+ print " <TD>\n";
+ print " <label class=hidden
for=confirmpassword>Confirm Password</label>\n";
+ print " <INPUT type=password name=confirmpassword
maxlength=100 ";
+ print "id=confirmpassword onkeyup=\"checkNewLocalPassword();\"
size=15>\n";
+ print " </TD>\n";
+ print " <TD><span id=pwdstatus></span></TD>\n";
+ print " </TR>\n";
+ }
print " </table>\n";
$updateText = getAffiliationDataUpdateText($user['affiliationid']);
- print "<a name=updateinfo></a>{$updateText[$user['affiliationid']]}";
- print "<br><br>\n";
+ print "<a name=updateinfo></a>\n";
+ if(! empty($updateText[$user['affiliationid']]))
+ print "{$updateText[$user['affiliationid']]}<br><br>";
$cont = addContinuationsEntry('confirmpersonalprefs', array(),
SECINDAY, 1, 1, 1);
print " <INPUT type=hidden name=continuation value=\"$cont\">\n";
print " <div align=center>\n";
@@ -323,7 +359,7 @@
///
////////////////////////////////////////////////////////////////////////////////
function confirmUserPrefs($type) {
- global $submitErr;
+ global $submitErr, $user;
$data = processUserPrefsInput(1);
@@ -359,6 +395,10 @@
print " <TD>" . $data["preferredname"] . "</TD>\n";
print " </TR>\n";
print "</table>\n";
+ if($user['affiliation'] == 'Local' &&
+ ! empty($data['newpassword'])) {
+ print "New password will be submitted<br>\n";
+ }
}
elseif($type == 1) {
print "<H2>RDP File Preferences</H2>\n";
@@ -431,6 +471,22 @@
$data["bpp"], $data["audiomode"], $data["mapdrives"],
$data["mapprinters"], $data["mapserial"])) {
}
+ if($user['affiliation'] == 'Local' &&
+ ! empty($data['newpassword'])) {
+ $query = "SELECT l.salt "
+ . "FROM localauth l, "
+ . "user u "
+ . "WHERE u.id = '{$user['id']}' AND "
+ . "l.userid = u.id";
+ $qh = doQuery($query, 101);
+ if(! ($row = mysql_fetch_assoc($qh)))
+ abort();
+ $passhash = sha1("{$data['newpassword']}{$row['salt']}");
+ $query = "UPDATE localauth "
+ . "SET passhash = '$passhash' "
+ . "WHERE userid = {$user['id']}";
+ doQuery($query, 101);
+ }
$user = getUserInfo($user["id"]);
$_SESSION['user'] = $user;
userpreferences();
@@ -533,6 +589,27 @@
$submitErr |= VIEWASUSERERR;
$submitErrMsg[VIEWASUSERERR] = "Invalid user id";
}
+ if($user['affiliation'] == 'Local') {
+ $return['newpassword'] = $_POST['newpassword'];
+ $confirmpwd = $_POST['confirmpassword'];
+ $curr = $_POST['currentpassword'];
+ if(get_magic_quotes_gpc()) {
+ $return['newpassword'] =
stripslashes($return['newpassword']);
+ $confirmpwd = stripslashes($confirmpwd);
+ $curr = stripslashes($curr);
+ }
+ if(! empty($return['newpassword']) && ! empty($confirmpwd) &&
+ ! validateLocalAccount($user['unityid'], $curr)) {
+ $submitErr |= LOCALPASSWORDERR;
+ $submitErrMsg[LOCALPASSWORDERR] = "Password incorrect";
+ }
+ elseif((empty($return['newpassword']) && ! empty($confirmpwd))
||
+ (! empty($return['newpassword']) && empty($confirmpwd)) ||
+ ($return['newpassword'] != $confirmpwd)) {
+ $submitErr |= LOCALPASSWORDERR;
+ $submitErrMsg[LOCALPASSWORDERR] = "Passwords do not
match";
+ }
+ }
return $return;
}
Modified: incubator/vcl/trunk/web/js/code.js
URL:
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/js/code.js?rev=760144&r1=760143&r2=760144&view=diff
==============================================================================
--- incubator/vcl/trunk/web/js/code.js (original)
+++ incubator/vcl/trunk/web/js/code.js Mon Mar 30 20:12:46 2009
@@ -884,3 +884,18 @@
obj.style.top = my - y - obj.clientWidth;
obj.style.zIndex = 10;
}
+
+function checkNewLocalPassword() {
+ var pwd1 = document.getElementById('newpassword');
+ var pwd2 = document.getElementById('confirmpassword');
+ var stat = document.getElementById('pwdstatus');
+ if(pwd1.value == "" && pwd2.value == "") {
+ stat.innerHTML = '';
+ }
+ else if(pwd1.value == pwd2.value) {
+ stat.innerHTML = '<font color="#008000">match</font>';
+ }
+ else {
+ stat.innerHTML = '<font color="red">no match</font>';
+ }
+}
