Author: jfthomps
Date: Mon Mar 30 20:12:46 2009
New Revision: 760144

URL: http://svn.apache.org/viewvc?rev=760144&view=rev
Log:
VCL-124

errors.php:
added error 390: Failed to fetch salt while updating locally affiliated user 
password

userpreferences.php:
added define for LOCALPASSWORDERR
modified userpreferences:
-added section that shows up for users with affiliation Local that allows them 
to change their passwords
-added check in updateinfo anchor area to only print updateText and its 
following br's if it's not empty
modified confirmUserPrefs:
-added check for new password being submitted, in which case it will notify the 
user that the password will be updated
modified submitUserPrefs:
-added block of code to update password for users with an affiliation of Local 
if they submit a new password
modified processUserPrefsInput:
-added block of code to handle new password submission for users with an 
affiliation of Local

code.js:
added checkNewLocalPassword

Modified:
    incubator/vcl/trunk/web/.ht-inc/errors.php
    incubator/vcl/trunk/web/.ht-inc/userpreferences.php
    incubator/vcl/trunk/web/js/code.js

Modified: incubator/vcl/trunk/web/.ht-inc/errors.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/errors.php?rev=760144&r1=760143&r2=760144&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/errors.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/errors.php Mon Mar 30 20:12:46 2009
@@ -189,6 +189,7 @@
        "378" => "Failed to execute query 2 in updateResourcePrivs",
        "380" => "Failed to fetch last insert id in submitBlockRequest",
        "385" => "Failed to execute query in submitDeleteMgmtnode",
+       "390" => "Failed to fetch salt while updating locally affiliated user 
password",
 );
 
 $XMLRPCERRORS = array(

Modified: incubator/vcl/trunk/web/.ht-inc/userpreferences.php
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/.ht-inc/userpreferences.php?rev=760144&r1=760143&r2=760144&view=diff
==============================================================================
--- incubator/vcl/trunk/web/.ht-inc/userpreferences.php (original)
+++ incubator/vcl/trunk/web/.ht-inc/userpreferences.php Mon Mar 30 20:12:46 2009
@@ -28,6 +28,8 @@
 define("HEIGHTERR", 1 << 2);
 /// signifies an error with submitted viewasuser id
 define("VIEWASUSERERR", 1 << 3);
+/// signifies an error with submitted new password
+define("LOCALPASSWORDERR", 1 << 4);
 
 
////////////////////////////////////////////////////////////////////////////////
 ///
@@ -122,10 +124,44 @@
        print "          <TD>" . $user["email"] . "</TD>\n";
        print "          <TD></TD>\n";
        print "        </TR>\n";
+       if($user['affiliation'] == 'Local') {
+               print "        <TR>\n";
+               print "          <TD colspan=3 align=center><h3>Change 
Password</h3></TD>\n";
+               print "        </TR>\n";
+               print "        <TR>\n";
+               print "          <TH align=right>Current Password:</TH>\n";
+               print "          <TD>\n";
+               print "            <label class=hidden 
for=currentpassword>Current Password</label>\n";
+               print "            <INPUT type=password name=currentpassword 
maxlength=100 size=15>\n";
+               print "          </TD>\n";
+               print "          <TD>";
+               printSubmitErr(LOCALPASSWORDERR);
+               print "</TD>\n";
+               print "        </TR>\n";
+               print "        <TR>\n";
+               print "          <TH align=right>New Password:</TH>\n";
+               print "          <TD>\n";
+               print "            <label class=hidden for=newpassword>New 
Password</label>\n";
+               print "            <INPUT type=password name=newpassword 
maxlength=100 ";
+               print "id=newpassword onkeyup=\"checkNewLocalPassword();\" 
size=15>\n";
+               print "          </TD>\n";
+               print "          <TD></TD>\n";
+               print "        </TR>\n";
+               print "        <TR>\n";
+               print "          <TH align=right>Confirm Password:</TH>\n";
+               print "          <TD>\n";
+               print "            <label class=hidden 
for=confirmpassword>Confirm Password</label>\n";
+               print "            <INPUT type=password name=confirmpassword 
maxlength=100 ";
+               print "id=confirmpassword onkeyup=\"checkNewLocalPassword();\" 
size=15>\n";
+               print "          </TD>\n";
+               print "          <TD><span id=pwdstatus></span></TD>\n";
+               print "        </TR>\n";
+       }
        print "      </table>\n";
        $updateText = getAffiliationDataUpdateText($user['affiliationid']);
-       print "<a name=updateinfo></a>{$updateText[$user['affiliationid']]}";
-       print "<br><br>\n";
+       print "<a name=updateinfo></a>\n";
+       if(! empty($updateText[$user['affiliationid']]))
+               print "{$updateText[$user['affiliationid']]}<br><br>";
        $cont = addContinuationsEntry('confirmpersonalprefs', array(), 
SECINDAY, 1, 1, 1);
        print "      <INPUT type=hidden name=continuation value=\"$cont\">\n";
        print "      <div align=center>\n";
@@ -323,7 +359,7 @@
 ///
 
////////////////////////////////////////////////////////////////////////////////
 function confirmUserPrefs($type) {
-       global $submitErr;
+       global $submitErr, $user;
 
        $data = processUserPrefsInput(1);
 
@@ -359,6 +395,10 @@
                print "    <TD>" . $data["preferredname"] . "</TD>\n";
                print "  </TR>\n";
                print "</table>\n";
+               if($user['affiliation'] == 'Local' &&
+                  ! empty($data['newpassword'])) {
+                       print "New password will be submitted<br>\n";
+               }
        }
        elseif($type == 1) {
                print "<H2>RDP File Preferences</H2>\n";
@@ -431,6 +471,22 @@
                           $data["bpp"], $data["audiomode"], $data["mapdrives"],
                           $data["mapprinters"], $data["mapserial"])) {
        }
+       if($user['affiliation'] == 'Local' &&
+          ! empty($data['newpassword'])) {
+               $query = "SELECT l.salt "
+                      . "FROM localauth l, "
+                      .      "user u "
+                      . "WHERE u.id = '{$user['id']}' AND "
+                      .       "l.userid = u.id";
+               $qh = doQuery($query, 101);
+               if(! ($row = mysql_fetch_assoc($qh)))
+                       abort();
+               $passhash = sha1("{$data['newpassword']}{$row['salt']}");
+               $query = "UPDATE localauth "
+                      . "SET passhash = '$passhash' "
+                      . "WHERE userid = {$user['id']}";
+               doQuery($query, 101);
+       }
        $user = getUserInfo($user["id"]);
        $_SESSION['user'] = $user;
        userpreferences();
@@ -533,6 +589,27 @@
           $submitErr |= VIEWASUSERERR;
           $submitErrMsg[VIEWASUSERERR] = "Invalid user id";
        }
+       if($user['affiliation'] == 'Local') {
+               $return['newpassword'] = $_POST['newpassword'];
+               $confirmpwd = $_POST['confirmpassword'];
+               $curr = $_POST['currentpassword'];
+               if(get_magic_quotes_gpc()) {
+                       $return['newpassword'] = 
stripslashes($return['newpassword']);
+                       $confirmpwd = stripslashes($confirmpwd);
+                       $curr = stripslashes($curr);
+               }
+               if(! empty($return['newpassword']) && ! empty($confirmpwd) &&
+                  ! validateLocalAccount($user['unityid'], $curr)) {
+                       $submitErr |= LOCALPASSWORDERR;
+                       $submitErrMsg[LOCALPASSWORDERR] = "Password incorrect";
+               }
+               elseif((empty($return['newpassword']) && ! empty($confirmpwd)) 
||
+                  (! empty($return['newpassword']) && empty($confirmpwd)) ||
+                  ($return['newpassword'] != $confirmpwd)) {
+                       $submitErr |= LOCALPASSWORDERR;
+                       $submitErrMsg[LOCALPASSWORDERR] = "Passwords do not 
match";
+               }
+       }
        return $return;
 }
 

Modified: incubator/vcl/trunk/web/js/code.js
URL: 
http://svn.apache.org/viewvc/incubator/vcl/trunk/web/js/code.js?rev=760144&r1=760143&r2=760144&view=diff
==============================================================================
--- incubator/vcl/trunk/web/js/code.js (original)
+++ incubator/vcl/trunk/web/js/code.js Mon Mar 30 20:12:46 2009
@@ -884,3 +884,18 @@
    obj.style.top = my - y - obj.clientWidth;
    obj.style.zIndex = 10;
 }
+
+function checkNewLocalPassword() {
+       var pwd1 = document.getElementById('newpassword');
+       var pwd2 = document.getElementById('confirmpassword');
+       var stat = document.getElementById('pwdstatus');
+       if(pwd1.value == "" && pwd2.value == "") {
+               stat.innerHTML = '';
+       }
+       else if(pwd1.value == pwd2.value) {
+               stat.innerHTML = '<font color="#008000">match</font>';
+       }
+       else {
+               stat.innerHTML = '<font color="red">no match</font>';
+       }
+}


Reply via email to