Merge branch 'master' of https://forge.chapril.org/fredtempez/ZwiiLMS

2023-11-08 09:05:41 +01:00 · 2023-11-08 09:05:41 +01:00 · dca5418647
commit dca5418647
parent c35d3b0167 e986a51754
4 changed files with 39 additions and 23 deletions
--- a/core/core.php
+++ b/core/core.php
@ -50,7 +50,7 @@ class common
 	const ACCESS_TIMER = 1800;

 	// Numéro de version
-	const ZWII_VERSION = '1.0.65';
+	const ZWII_VERSION = '1.0.66';

 	// URL autoupdate
 	const ZWII_UPDATE_URL = 'https://forge.chapril.org/ZwiiCMS-Team/campus-update/raw/branch/master/';
--- a/core/module/user/user.php
+++ b/core/module/user/user.php
@ -266,6 +266,7 @@ class user extends common
 					$this->isPost()
 				) {
 					// Double vérification pour le mot de passe
+					if ($this->getUser('group') < self::GROUP_ADMIN) {
 						$newPassword = $this->getData(['user', $this->getUrl(2), 'password']);
 						if ($this->getInput('userEditNewPassword')) {
 							// L'ancien mot de passe est correct
@ -285,6 +286,17 @@ class user extends common
 								self::$inputNotices['userEditOldPassword'] = helper::translate('Incorrect');
 							}
 						}
+					} else {
+						if ($this->getInput('userEditNewPassword') === $this->getInput('userEditConfirmPassword')) {
+							$newPassword = $this->getInput('userEditNewPassword', helper::FILTER_PASSWORD, true);
+							// Déconnexion de l'utilisateur si il change le mot de passe de son propre compte
+							if ($this->getUser('id') === $this->getUrl(2)) {
+								helper::deleteCookie('ZWII_USER_ID');
+								helper::deleteCookie('ZWII_USER_PASSWORD');
+							}
+						}
+					}
+
 					// Modification du groupe
 					if (
 						$this->getUser('group') === self::GROUP_ADMIN
--- a/core/module/user/view/edit/edit.php
+++ b/core/module/user/view/edit/edit.php
@ -81,11 +81,15 @@
 				'readonly' => true,
 				'value' => $this->getUrl(2)
 			]); ?>
+			<?php 
+			// Les admins ont le pouvoir de forcer le changement de mot de passe
+			if ($this->getUser('group') < self::GROUP_ADMIN): ?>
 				<?php echo template::password('userEditOldPassword', [
 					'autocomplete' => 'new-password',
 					// remplace 'off' pour éviter le pré remplissage auto
-				'label' => 'Ancien mot de passe'
+					'label' => 'Ancien mot de passe',
 				]); ?>
+			<?php endif; ?>
 			<?php echo template::password('userEditNewPassword', [
 				'autocomplete' => 'off',
 				'label' => 'Nouveau mot de passe'
--- a/core/module/user/view/reset/reset.php
+++ b/core/module/user/view/reset/reset.php
@ -12,7 +12,7 @@
 	</div>
 </div>
 <div class="row">
-	<div class="col2 offset10">
+	<div class="col3 offset9">
 		<?php echo template::submit('userResetSubmit', [
 			'value' => 'Valider'
 		]); ?>