static void act_register(cgi_sink *output,
dcgi_state *ds) {
- const char *username, *password, *email;
+ const char *username, *password, *password2, *email;
char *confirm, *content_type;
const char *text, *encoding, *charset;
username = cgi_get("username");
- password = cgi_get("password");
+ password = cgi_get("password1");
+ password2 = cgi_get("password2");
email = cgi_get("email");
if(!username || !*username) {
expand_template(ds, output, "login");
return;
}
+ if(!password2 || !*password2 || strcmp(password, password2)) {
+ cgi_set_option("error", "passwordmismatch");
+ expand_template(ds, output, "login");
+ return;
+ }
if(!email || !*email) {
cgi_set_option("error", "noemail");
expand_template(ds, output, "login");
expand_template(ds, output, "login");
}
+static void act_edituser(cgi_sink *output,
+ dcgi_state *ds) {
+ const char *email = cgi_get("email"), *password = cgi_get("changepassword1");
+ const char *password2 = cgi_get("changepassword2");
+ int newpassword = 0;
+ disorder_client *c;
+
+ if((password && *password) || (password && *password2)) {
+ if(!password || !password2 || strcmp(password, password2)) {
+ cgi_set_option("error", "passwordmismatch");
+ expand_template(ds, output, "login");
+ return;
+ }
+ } else
+ password = password2 = 0;
+
+ if(email) {
+ if(disorder_edituser(ds->g->client, disorder_user(ds->g->client),
+ "email", email)) {
+ cgi_set_option("error", "badedit");
+ expand_template(ds, output, "login");
+ return;
+ }
+ }
+ if(password) {
+ if(disorder_edituser(ds->g->client, disorder_user(ds->g->client),
+ "password", password)) {
+ cgi_set_option("error", "badedit");
+ expand_template(ds, output, "login");
+ return;
+ }
+ newpassword = 1;
+ }
+ if(newpassword) {
+ login_cookie = 0; /* it'll be invalid now */
+ /* This is a bit duplicative of act_login() */
+ c = disorder_new(0);
+ if(disorder_connect_user(c, disorder_user(ds->g->client), password)) {
+ cgi_set_option("error", "loginfailed");
+ expand_template(ds, output, "login");
+ return;
+ }
+ if(disorder_make_cookie(c, &login_cookie)) {
+ cgi_set_option("error", "cookiefailed");
+ expand_template(ds, output, "login");
+ return;
+ }
+ /* Use the new connection henceforth */
+ ds->g->client = c;
+ ds->g->flags = 0;
+ /* We have a new cookie */
+ header_cookie(output->sink);
+ }
+ cgi_set_option("status", "edited");
+ expand_template(ds, output, "login");
+}
+
static const struct action {
const char *name;
void (*handler)(cgi_sink *output, dcgi_state *ds);
} actions[] = {
{ "confirm", act_confirm },
{ "disable", act_disable },
+ { "edituser", act_edituser },
{ "enable", act_enable },
{ "login", act_login },
{ "logout", act_logout },
expandstring(output, args[2], ds);
}
+static void exp_userinfo(int attribute((unused)) nargs,
+ char **args,
+ cgi_sink *output,
+ void *u) {
+ dcgi_state *const ds = u;
+ const char *value;
+
+ if(disorder_userinfo(ds->g->client, disorder_user(ds->g->client), args[0],
+ (char **)&value))
+ value = "";
+ cgi_output(output, "%s", value);
+}
+
static const struct cgi_expansion expansions[] = {
{ "#", 0, INT_MAX, EXP_MAGIC, exp_comment },
{ "action", 0, 0, 0, exp_action },
{ "url", 0, 0, 0, exp_url },
{ "urlquote", 1, 1, 0, exp_urlquote },
{ "user", 0, 0, 0, exp_user },
+ { "userinfo", 1, 1, 0, exp_userinfo },
{ "version", 0, 0, 0, exp_version },
{ "volume", 1, 1, 0, exp_volume },
{ "when", 0, 0, 0, exp_when },
<tr>
<td>@label:login.username@</td>
<td>
- <input class=username name=username type=text value="@arg:username@" size=32>
+ <input class=username name=username type=text size=32
+ value="@arg:username@">
</td>
</tr>
<tr>
<td>@label:login.password@</td>
- <td><input class=password name=password type=password value=""
- size=32></td>
+ <td>
+ <input class=password name=password type=password value=""
+ size=32>
+ </td>
+ </tr>
+ <tr>
<td>
<button class=login name=action type=submit value=login>
@label:login.login@
<tr>
<td>@label:login.username@</td>
<td>
- <input class=username name=username type=text value="" size=32>
+ <input class=username name=username type=text size=32
+ value="">
</td>
+ <td class=extra>@label:login.registerusernameextra@</td>
</tr>
<tr>
<td>@label:login.email@</td>
<td>
- <input class=email name=email type=text value="" size=32>
+ <input class=email name=email type=text size=32
+ value="">
</td>
+ <td class=extra>@label:login.registeremailextra@</td>
+ </tr>
+ <tr>
+ <td>@label:login.password1@</td>
+ <td>
+ <input class=password name=password1 type=password size=32
+ value="">
+ </td>
+ <td class=extra>@label:login.registerpassword1extra@</td>
+ </tr>
+ <tr>
+ <td>@label:login.password2@</td>
+ <td>
+ <input class=password name=password2 type=password size=32
+ value="">
+ </td>
+ <td class=extra>@label:login.registerpassword2extra@</td>
</tr>
<tr>
- <td>@label:login.password@</td>
- <td><input class=password name=password type=password value=""
- size=32></td>
<td>
<button class=register name=action type=submit value=register>
@label:login.register@
<h2>Logged in as @user@</h2>
- <p>TODO none of this stuff works yet</p>
+ <form class=logout action="@url@" method=POST
+ enctype="multipart/form-data" accept-charset=utf-8>
+ <div class=logout>
+ <button class=logout name=action type=submit value=logout>
+ @label:login.logout@
+ </button>
+ </div>
+ <input name=nonce type=hidden value="@nonce@">
+ </form>
<p>Use this form to change your email address and/or password.</p>
<tr>
<td>@label:login.email@</td>
<td>
- <input class=email name=email type=text value="TODO" size=32>
+ <input class=email name=email type=text size=32
+ value="@userinfo:email@">
</td>
+ <td class=extra>@label:login.edituseremailextra@</td>
+ </tr>
+ <tr>
+ <td>@label:login.newpassword@</td>
+ <td>
+ <input class=password name=changepassword1 type=password size=32
+ value="">
+ </td>
+ <td class=extra>@label:login.edituserpassword1extra@</td>
+ </tr>
+ <tr>
+ <td>@label:login.newpassword@</td>
+ <td>
+ <input class=password name=changepassword2 type=password size=32
+ value="">
+ </td>
+ <td class=extra>@label:login.edituserpassword2extra@</td>
</tr>
<tr>
- <td>@label:login.password@</td>
- <td><input class=password name=password type=password value=""
- size=32></td>
<td>
<button class=edituser name=action type=submit value=edituser>
@label:login.edituser@
<input name=nonce type=hidden value="@nonce@">
</form>
- <p>Use this button to log out @user@.</p>
-
- <form class=logout action="@url@" method=POST
- enctype="multipart/form-data" accept-charset=utf-8>
- <div class=logout>
- <button class=logout name=action type=submit value=logout>
- @label:login.logout@
- </button>
- </div>
- <input name=nonce type=hidden value="@nonce@">
- </form>
-
}@
@include{topbarend}@
# Text for login fields
label login.username "Username"
label login.password "Password"
+label login.password1 "Password"
+label login.password2 "Password"
+label login.newpassword "New Password"
label login.email "Email address"
+label login.registerusernameextra "May only contain unaccented Roman letters and digit; case matters"
+label login.registeremailextra "Must be valid"
+label login.registerpassword1extra "Letter case matters"
+label login.registerpassword2extra "Type same password again to check"
+
+label login.edituseremailextra ""
+label login.edituserpassword1extra "Leave blank to keep existing password"
+label login.edituserpassword2extra "Type same password again to check"
+
# Text for login page buttons
label login.login "Login"
label login.register "Register"
# Text for login page responses
label login.loginok "You are now logged in."
label login.logoutok "You are now logged out."
-label login.registered "Registered your new login. Please check your email."
-label login.confirmed "Confirmed your new login. You are now logged in."
+label login.registered "Your new login has been registered. Please check your email."
+label login.confirmed "Your new login has been confirmed. You are now logged in."
+label login.edited "Your details have been changed."
# <TITLE> for account page
label account.title "DisOrder User Details"
# Text used when cannot connect to server
label error.connect "Cannot connect to server."
-# Text used when cannot become right user
+# Error messages for login.html
label error.loginfailed "Incorrect username and/or password."
+label error.cookiefailed "Cannot create login cookie."
+label error.nousername "No username specified."
+label error.nopassword "No password specified."
+label error.passwordmismatch "Passwords do not match."
+label error.noemail "No email address specified."
+label error.bademail "Invalid email address."
+label error.cannotregister "Unable to register user."
+label error.noconfirm "Missing confirmation string."
+label error.badconfirm "Invalid confirmation string."
+label error.badedit "Cannot edit user details."
# Text appended to all error pages
label error.generic ""