Index: openacs-4/packages/acs-subsite/catalog/acs-subsite.en_US.ISO-8859-1.xml
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/catalog/acs-subsite.en_US.ISO-8859-1.xml,v
diff -u -N -r1.13 -r1.14
--- openacs-4/packages/acs-subsite/catalog/acs-subsite.en_US.ISO-8859-1.xml 28 Aug 2003 07:58:56 -0000 1.13
+++ openacs-4/packages/acs-subsite/catalog/acs-subsite.en_US.ISO-8859-1.xml 3 Sep 2003 08:33:34 -0000 1.14
@@ -231,5 +231,6 @@
Your email:
Your email address:
Your password:
+ Recover Password
Your Portrait
Index: openacs-4/packages/acs-subsite/www/user/password-update-2.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/www/user/Attic/password-update-2.tcl,v
diff -u -N -r1.10 -r1.11
--- openacs-4/packages/acs-subsite/www/user/password-update-2.tcl 28 Aug 2003 09:41:42 -0000 1.10
+++ openacs-4/packages/acs-subsite/www/user/password-update-2.tcl 3 Sep 2003 08:33:34 -0000 1.11
@@ -1,59 +1,61 @@
ad_page_contract {
Updates the users password if
- - password_old is correct
-
- password_1 matches password_2
-
+
- old_password is correct
+
- password_1 matches password_2
+
@cvs-id $Id$
-} -query {
+} {
password_1:notnull
password_2:notnull
- {password_old ""}
+ {old_password ""}
{user_id:integer ""}
{return_url ""}
} -validate {
- old_password_match -requires {user_id:integer password_old} {
- if {![permission::permission_p -object_id $user_id -privilege admin] && ![empty_string_p $user_id] && ![ad_check_password $user_id $password_old]} {
- ad_complain "Your current password does not match what you entered in the form."
- }
- }
confirm_password -requires {password_2:notnull} {
if {[empty_string_p $password_2]} {
ad_complain "You need to confirm the password that you typed. (Type the same thing again.)"
}
}
- new_password_match -requires {password_1:notnull password_2:notnull confirm_password} {
- if {![string equal $password_1 $password_2]} {
- ad_complain "Your passwords don't match! Presumably, you made a typo while entering one of them."
- }
- }
- new_password_old_password_different -requires { new_password_match } {
- if { [string equal $password_old $password_1] } {
- ad_complain "Your new password is identical to your old password. If you don't want to change your password, use your browser's back button to get out."
- }
- }
}
if {[empty_string_p $user_id]} {
set user_id [ad_verify_and_get_user_id]
}
+if { ![auth::password::can_change_p -user_id $user_id] } {
+ # We are not allowd to change password
+ # SIMON: What should we do here?
+ ad_return_error "Not allowed" "Changing password is not allowed. Sorry"
+}
+
set admin_p [permission::permission_p -object_id $user_id -privilege admin]
if {!$admin_p} {
permission::require_permission -party_id $user_id -object_id $user_id -privilege write
}
-if {[catch {ad_change_password $user_id $password_1} errmsg]} {
- ad_return_error "Wasn't able to change your password. Please contact the system administrator."
-}
-if { ![ad_conn user_id] } {
- ad_user_login $user_id
-}
+array set change_pwd_info [auth::password::change \
+ -user_id $user_id \
+ -old_password $old_password \
+ -new_password $password_1]
-if {[empty_string_p $return_url]} {
- set return_url [ad_parameter -package_id [ad_acs_kernel_id] "HomeURL"]
+if { [string equal $change_pwd_info(password_status) "ok"] } {
+ # Make sure the user is logged in
+ if { ![ad_conn user_id] } {
+ ad_user_login $user_id
+ }
+
+ if {[empty_string_p $return_url]} {
+ set return_url [ad_parameter -package_id [ad_acs_kernel_id] "HomeURL"]
+ }
+
+ ad_returnredirect $return_url
+
+} else {
+ # Changing password failed, display password_message
+ # SIMON: What should we do here?
+ ad_return_error "Failure" $change_pwd_info(password_status)
}
-ad_returnredirect $return_url
Index: openacs-4/packages/acs-subsite/www/user/password-update.adp
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/www/user/password-update.adp,v
diff -u -N -r1.13 -r1.14
--- openacs-4/packages/acs-subsite/www/user/password-update.adp 1 Sep 2003 11:41:01 -0000 1.13
+++ openacs-4/packages/acs-subsite/www/user/password-update.adp 3 Sep 2003 08:33:34 -0000 1.14
@@ -1,9 +1,8 @@
#acs-subsite.Update_Password#
#acs-subsite.lt_for_first_names_last_#
- @context@
- @focus@
-
+ #acs-subsite.Update_Password#
+ pwd.old_password
Welcome to @system_name@.
@@ -15,33 +14,29 @@
Index: openacs-4/packages/acs-subsite/www/user/password-update.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/www/user/password-update.tcl,v
diff -u -N -r1.11 -r1.12
--- openacs-4/packages/acs-subsite/www/user/password-update.tcl 1 Sep 2003 11:41:01 -0000 1.11
+++ openacs-4/packages/acs-subsite/www/user/password-update.tcl 3 Sep 2003 08:33:34 -0000 1.12
@@ -6,46 +6,33 @@
} {
{user_id ""}
{return_url ""}
- {password_old ""}
+ {old_password ""}
{expired_p:boolean "0"}
-} -properties {
- first_names:onevalue
- last_name:onevalue
- admin_enabled_p:onevalue
- export_vars:onevalue
- site_link:onevalue
- context:onevalue
}
if {[empty_string_p $user_id]} {
set user_id [ad_verify_and_get_user_id]
}
+if { ![auth::password::can_change_p -user_id $user_id] } {
+ ad_return_error "Not allowed" "Changing password is not allowed. Sorry"
+}
set context [list [list [ad_pvt_home] "Your Account"] [_ acs-subsite.Update_Password]]
# We have a special provision here for expired passwords
# The user will not be logged in, but we're supposed to log them in after we're done
# We use template::util::is_true in order to be liberal in the input we accept
+# SIMON: Do we still want to do this?
set expired_p [template::util::is_true $expired_p]
set system_name [ad_system_name]
set admin_p [permission::permission_p -object_id $user_id -privilege admin]
-if {!$admin_p} {
+if { !$admin_p } {
permission::require_permission -party_id $user_id -object_id $user_id -privilege write
}
db_1row user_information {}
set site_link [ad_site_home_link]
-
-set export_vars [export_vars -form { user_id return_url }]
-
-if { !$admin_p && [empty_string_p $password_old] } {
- set focus "pwd.password_old"
-} else {
- set focus "pwd.password_1"
-}
-
-ad_return_template