ZwiiCMS-Team/ZwiiCampus
ZwiiCMS-Team/ZwiiCampus
8
6
Fork 1
Code Releases 70 Activity

fix password blank

Browse Source
This commit is contained in:
Fred Tempez 2023-11-09 09:33:27 +01:00
parent f8037e5361
commit 3713571fd6
1 changed files with 8 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
core/module/user/user.php
View File

@ -265,9 +265,9 @@ class user extends common
if ( if (
$this->isPost() $this->isPost()
) { ) {
$oldPassword = $this->getData(['user', $this->getUrl(2), 'password']);
// Double vérification pour le mot de passe // Double vérification pour le mot de passe
if ($this->getUser('group') < self::GROUP_ADMIN) { if ($this->getUser('group') < self::GROUP_ADMIN) {
$newPassword = $this->getData(['user', $this->getUrl(2), 'password']);
if ($this->getInput('userEditNewPassword')) { if ($this->getInput('userEditNewPassword')) {
// L'ancien mot de passe est correct // L'ancien mot de passe est correct
if (password_verify(html_entity_decode($this->getInput('userEditOldPassword')), $this->getData(['user', $this->getUrl(2), 'password']))) { if (password_verify(html_entity_decode($this->getInput('userEditOldPassword')), $this->getData(['user', $this->getUrl(2), 'password']))) {
@ -287,7 +287,10 @@ class user extends common
} }
} }
} else { } else {
if ($this->getInput('userEditNewPassword') === $this->getInput('userEditConfirmPassword')) { if (
!empty($this->getInput('userEditNewPassword'))
&& $this->getInput('userEditNewPassword') === $this->getInput('userEditConfirmPassword')
) {
$newPassword = $this->getInput('userEditNewPassword', helper::FILTER_PASSWORD); $newPassword = $this->getInput('userEditNewPassword', helper::FILTER_PASSWORD);
// Déconnexion de l'utilisateur si il change le mot de passe de son propre compte // Déconnexion de l'utilisateur si il change le mot de passe de son propre compte
if ($this->getUser('id') === $this->getUrl(2)) { if ($this->getUser('id') === $this->getUrl(2)) {
@ -332,7 +335,7 @@ class user extends common
'pseudo' => $this->getInput('userEditPseudo', helper::FILTER_STRING_SHORT, true), 'pseudo' => $this->getInput('userEditPseudo', helper::FILTER_STRING_SHORT, true),
'signature' => $this->getInput('userEditSignature', helper::FILTER_INT, true), 'signature' => $this->getInput('userEditSignature', helper::FILTER_INT, true),
'mail' => $this->getInput('userEditMail', helper::FILTER_MAIL, true), 'mail' => $this->getInput('userEditMail', helper::FILTER_MAIL, true),
'password' => $newPassword ? $newPassword : $this->getData(['user', $this->getUrl(2)], 'password'), 'password' => empty($newPassword) ? $oldPassword : $newPassword,
'connectFail' => $this->getData(['user', $this->getUrl(2), 'connectFail']), 'connectFail' => $this->getData(['user', $this->getUrl(2), 'connectFail']),
'connectTimeout' => $this->getData(['user', $this->getUrl(2), 'connectTimeout']), 'connectTimeout' => $this->getData(['user', $this->getUrl(2), 'connectTimeout']),
'accessUrl' => $this->getData(['user', $this->getUrl(2), 'accessUrl']), 'accessUrl' => $this->getData(['user', $this->getUrl(2), 'accessUrl']),
@ -1115,16 +1118,10 @@ class user extends common
// Id unique incorrecte // Id unique incorrecte
or $this->getUrl(3) !== md5(json_encode($this->getData(['user', $this->getUrl(2)]))) or $this->getUrl(3) !== md5(json_encode($this->getData(['user', $this->getUrl(2)])))
) { ) {
$message = ($this->getData(['user', $this->getUrl(2), 'forgot']) + 86400 < time()) === true ?'Temps dépassé':'';
$message = ($this->getUrl(3) !== md5(json_encode($this->getData(['user', $this->getUrl(2)])))) === true ?'Id incorrect':'';
$message = ($this->getData(['user', $this->getUrl(2)]) === null) === true ?'Utilisateur inconnu':'';
// Valeurs en sortie // Valeurs en sortie
$this->addOutput([ $this->addOutput([
'redirect' => helper::baseUrl(), 'access' => false
'notification' => 'Invalide : '. $message,
'state' => false,
]); ]);
} }
// Accès autorisé // Accès autorisé
@ -1154,8 +1151,7 @@ class user extends common
// Valeurs en sortie // Valeurs en sortie
$this->addOutput([ $this->addOutput([
'notification' => helper::translate('Nouveau mot de passe enregistré'), 'notification' => helper::translate('Nouveau mot de passe enregistré'),
//'redirect' => helper::baseUrl() . 'user/login/' . str_replace('/', '_', $this->getUrl()), 'redirect' => helper::baseUrl() . 'user/login/' . str_replace('/', '_', $this->getUrl()),
'redirect' => helper::baseUrl(),
'state' => true 'state' => true
]); ]);
} }