Fisheye: Tag 1.1.2.2 refers to a dead (removed) revision in file `openacs-4/packages/acs-admin/www/users/password-update-2.tcl'. Fisheye: No comparison available. Pass `N' to diff? Index: openacs-4/packages/acs-admin/www/users/password-update.adp =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-admin/www/users/password-update.adp,v diff -u -r1.1.2.1 -r1.1.2.2 --- openacs-4/packages/acs-admin/www/users/password-update.adp 27 Jul 2004 07:49:51 -0000 1.1.2.1 +++ openacs-4/packages/acs-admin/www/users/password-update.adp 21 Sep 2004 17:55:05 -0000 1.1.2.2 @@ -1,29 +1,9 @@ -Update_Password -@context_bar@ + #acs-subsite.Update_Password# + @context;noquote@ + +
@message@
+
-
- - - - - - - - - - - - - -
New Password
Confirm
- -
-
- -
- -
-
- + Index: openacs-4/packages/acs-admin/www/users/password-update.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-admin/www/users/password-update.tcl,v diff -u -r1.1.2.1 -r1.1.2.2 --- openacs-4/packages/acs-admin/www/users/password-update.tcl 27 Jul 2004 07:49:51 -0000 1.1.2.1 +++ openacs-4/packages/acs-admin/www/users/password-update.tcl 21 Sep 2004 17:55:05 -0000 1.1.2.2 @@ -1,18 +1,119 @@ ad_page_contract { - Let's the admin change a user's password. - - - @version $Id$ + Let's the user change his/her password. Asks + for old password, new password, and confirmation. + + @cvs-id $Id$ } { - {user_id:integer} + {user_id {[ad_conn untrusted_user_id]}} {return_url ""} - {password_old ""} -} + {message ""} +} -validate { + if_not_site_wide_admin { + set admin_p [acs_user::site_wide_admin_p] + if !$admin_p { + ad_complain "Usted no esta autorizado para ver esta página" + x} + } +} -db_1row user_information {} -set context_bar [list [list users Users] [list "user.tcl?user_id=$user_id" "$first_names $last_name"] "[_ dotlrn.Update_Password]"] +# Redirect to HTTPS if so configured +if { [security::RestrictLoginToSSLP] } { + security::require_secure_conn +} + +set level [ad_decode [security::RestrictLoginToSSLP] 1 "secure" "ok"] + +# If the user is changing passwords for another user, they need to be account ok +set account_status [ad_decode $user_id [ad_conn untrusted_user_id] "closed" "ok"] + +auth::require_login \ + -level $level \ + -account_status $account_status + +if { ![auth::password::can_change_p -user_id $user_id] } { + ad_return_error "Not supported" "Changing password is not supported." +} + +set page_title [_ acs-subsite.Update_Password] +set context [list [list [ad_pvt_home] [ad_pvt_home_name]] $page_title] + +set system_name [ad_system_name] set site_link [ad_site_home_link] -ad_return_template + + +acs_user::get -user_id $user_id -array user + +ad_form -name update -edit_buttons [list [list [_ acs-kernel.common_update] "ok"]] -form { + {user_id:integer(hidden)} + {return_url:text(hidden),optional} + {message:text(hidden),optional} +} + + +set focus "update.password_old" + + +ad_form -extend -name update -form { + {password_1:text(password) + {label {[_ acs-subsite.New_Password]}} + {html {size 20}} + } + {password_2:text(password) + {label {[_ acs-subsite.Confirm]}} + {html {size 20}} + } +} -on_request { + +} -validate { + {password_1 + { [string equal $password_1 $password_2] } + { Passwords don't match } + } +} -on_submit { + array set result [auth::password::change \ + -user_id $user_id \ + -old_password "" \ + -new_password $password_1] + + switch $result(password_status) { + ok { + # Continue + } + old_password_bad { + if { ![exists_and_not_null old_password] } { + form set_error update password_old $result(password_message) + } else { + # This hack causes the form to reload as if submitted, but with the old password showing + ad_returnredirect [export_vars -base [ad_conn url] -entire_form -exclude { old_password } -override { { password_old $old_password } }] + ad_script_abort + } + ad_return_error $result(password_message) "" + break + } + default { + form set_error update password_1 $result(password_message) + break + } + + } + + # If the account was closed, it might be open now + if { [string equal [ad_conn account_status] "closed"] } { + auth::verify_account_status + } + +} -after_submit { + if { [empty_string_p $return_url] } { + set return_url [ad_pvt_home] + set pvt_home_name [ad_pvt_home_name] + set continue_label [_ acs-subsite.Continue_to_your_account] + } else { + set continue_label [_ acs-subsite.Continue] + } + set message [_ acs-subsite.confirmation_password_changed] + set continue_url $return_url + ad_return_template /packages/acs-subsite/www/register/display-message +} Fisheye: Tag 1.1.2.2 refers to a dead (removed) revision in file `openacs-4/packages/acs-admin/www/users/password-update.xql'. Fisheye: No comparison available. Pass `N' to diff?