diff options
author | Lukas Fleischer <archlinux@cryptocrack.de> | 2013-03-19 13:37:56 +0100 |
---|---|---|
committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2013-03-19 14:03:34 +0100 |
commit | 97dd4b0f4de69e63e7924ba9ecb726b3c07008f4 (patch) | |
tree | f0402db0beb636a199801e81ba2619d3d6b078a3 /web | |
parent | 5d31bb24502536d53968f1ba0062d2b0aedb11c5 (diff) | |
download | aurweb-97dd4b0f4de69e63e7924ba9ecb726b3c07008f4.tar.xz |
process_account_form(): Allow using empty passwords
If an empty password is passed during account registration, login for
the new user is disabled and a reset key is sent to the new user's
e-mail address so that they can set an initial password manually.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web')
-rw-r--r-- | web/lib/acctfuncs.inc.php | 38 |
1 files changed, 25 insertions, 13 deletions
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php index edca8a3..aabb096 100644 --- a/web/lib/acctfuncs.inc.php +++ b/web/lib/acctfuncs.inc.php @@ -91,7 +91,7 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="", $P="",$C="",$R="",$L="",$I="",$K="",$UID=0) { # error check and process request for a new/modified account - global $SUPPORTED_LANGS; + global $SUPPORTED_LANGS, $AUR_LOCATION; $dbh = DB::connect(); @@ -107,16 +107,8 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="", $error = __("Missing a required field."); } - if ($TYPE == "new") { - # they need password fields for this type of action - # - if (empty($P) || empty($C)) { - $error = __("Missing a required field."); - } - } else { - if (!$UID) { - $error = __("Missing User ID"); - } + if ($TYPE != "new" && !$UID) { + $error = __("Missing User ID"); } if (!$error && !valid_username($U) && !user_is_privileged($editor_user)) @@ -190,7 +182,13 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="", if ($TYPE == "new") { # no errors, go ahead and create the unprivileged user $salt = generate_salt(); - $P = salted_hash($P, $salt); + if (empty($P)) { + $send_resetkey = true; + $email = $E; + } else { + $send_resetkey = false; + $P = salted_hash($P, $salt); + } $U = $dbh->quote($U); $E = $dbh->quote($E); $P = $dbh->quote($P); @@ -213,7 +211,21 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="", print __("The account, %s%s%s, has been successfully created.", "<strong>", htmlspecialchars($U,ENT_QUOTES), "</strong>"); print "<p>\n"; - print __("Click on the Login link above to use your account."); + if ($send_resetkey) { + $body = __('Welcome to %s! In order ' . + 'to set an initial password ' . + 'for your new account, ' . + 'please click the link ' . + 'below. If the link does ' . + 'not work try copying and ' . + 'pasting it into your ' . + 'browser.', + $AUR_LOCATION); + send_resetkey($email, $body); + print __("A password reset key has been sent to your e-mail address."); + } else { + print __("Click on the Login link above to use your account."); + } print "</p>\n"; } |