[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SF.net SVN: ledger-smb:[2839] branches/1.2
- Subject: SF.net SVN: ledger-smb:[2839] branches/1.2
- From: ..hidden..
- Date: Fri, 22 Jan 2010 20:12:54 +0000
Revision: 2839
http://ledger-smb.svn.sourceforge.net/ledger-smb/?rev=2839&view=rev
Author: einhverfr
Date: 2010-01-22 20:12:54 +0000 (Fri, 22 Jan 2010)
Log Message:
-----------
Adding some additional checks for user preference changes
Modified Paths:
--------------
branches/1.2/LedgerSMB/AM.pm
branches/1.2/LedgerSMB/User.pm
branches/1.2/bin/am.pl
Modified: branches/1.2/LedgerSMB/AM.pm
===================================================================
--- branches/1.2/LedgerSMB/AM.pm 2010-01-22 18:54:03 UTC (rev 2838)
+++ branches/1.2/LedgerSMB/AM.pm 2010-01-22 20:12:54 UTC (rev 2839)
@@ -1354,9 +1354,13 @@
company menuwidth countrycode address timeout stylesheet
printer password);
- $myconfig->{password} = $form->{new_password}
- if ( $form->{old_password} ne $form->{new_password} );
-
+ if ( $form->{old_password} && $form->{new_password}
+ && $form->{new_password} eq $form->{confirm_password}
+ ){
+ $myconfig->{password} = $form->{new_password};
+ $myconfig->{if_old_password} = $form->{old_password};
+ }
+ $myconfig->{save_preferences} = '1';
$myconfig->save_member();
1;
Modified: branches/1.2/LedgerSMB/User.pm
===================================================================
--- branches/1.2/LedgerSMB/User.pm 2010-01-22 18:54:03 UTC (rev 2838)
+++ branches/1.2/LedgerSMB/User.pm 2010-01-22 20:12:54 UTC (rev 2839)
@@ -697,7 +697,19 @@
$userConfAdd->execute( $self->{login} );
($userID) = $userConfAdd->fetchrow_array;
}
-
+ if ($self->{save_preferences}){
+ if (!$userConfExists){
+ $self->error("Access Denied");
+ }
+ if ($self->{if_old_password}){
+ my $sth = $dbh->prepare('SELECT CASE WHEN password = md5(?) THEN 1 ELSE 0 END FROM users_conf where id = ?');
+ $sth->execute($self->{if_old_password}, $userID);
+ my ($eval) = $sth->fetchrow_array();
+ if ($eval == 0){
+ $self->error("Access Denied");
+ }
+ }
+ }
if ($userConfExists) {
# for now, this is updating the table directly... ugly
Modified: branches/1.2/bin/am.pl
===================================================================
--- branches/1.2/bin/am.pl 2010-01-22 18:54:03 UTC (rev 2838)
+++ branches/1.2/bin/am.pl 2010-01-22 20:12:54 UTC (rev 2839)
@@ -2336,6 +2336,10 @@
<td>
<table>
<tr>
+ <th align="right">| . $locale->text('Old Password') . qq|</th>
+ <td><input type=password name=old_password size=10 value=""></td>
+ </tr>
+ <tr>
<th align="right">| . $locale->text('Password') . qq|</th>
<td><input type=password name=new_password size=10 value="$myconfig{password}"></td>
</tr>
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.