diff options
| author | Tim Almdal <tnalmdal@shaw.ca> | 2009-02-03 00:17:40 +0000 |
|---|---|---|
| committer | Tim Almdal <tnalmdal@shaw.ca> | 2009-02-03 00:17:40 +0000 |
| commit | eb56ee821f0261c0106252c561e314b753b4cbb5 (patch) | |
| tree | cb59e5bd5f3f3cab1e1d037aad4c855444901f2d /modules/user/controllers/users.php | |
| parent | ae254df7f793a903ff0d44b54a9454b94760aa78 (diff) | |
Add a confirmation password input field that must match the primary
password field in order for the update to succeed. If there is no
data entered in the primary password field, the confirmation field is
ignored.
Addresses Trac Ticket #4
Diffstat (limited to 'modules/user/controllers/users.php')
| -rw-r--r-- | modules/user/controllers/users.php | 31 |
1 files changed, 19 insertions, 12 deletions
diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php index a285b32d..811e3a2d 100644 --- a/modules/user/controllers/users.php +++ b/modules/user/controllers/users.php @@ -28,19 +28,26 @@ class Users_Controller extends REST_Controller { $form = user::get_edit_form($user); $form->edit_user->password->rules("-required"); if ($form->validate()) { - // @todo: allow the user to change their name - // @todo: handle password changing gracefully - $user->full_name = $form->edit_user->full_name->value; - if ($form->edit_user->password->value) { - $user->password = $form->edit_user->password->value; - } - $user->email = $form->edit_user->email->value; - $user->url = $form->edit_user->url->value; - $user->save(); + if ($form->edit_user->password->value && + $form->edit_user->password->value != $form->edit_user->password2->value) { + $form->edit_user->password2->add_error("mistyped", 1); + print json_encode( + array("result" => "error", + "form" => $form->__toString())); + } else { + // @todo: allow the user to change their name + $user->full_name = $form->edit_user->full_name->value; + if ($form->edit_user->password->value) { + $user->password = $form->edit_user->password->value; + } + $user->email = $form->edit_user->email->value; + $user->url = $form->edit_user->url->value; + $user->save(); - print json_encode( - array("result" => "success", - "resource" => url::site("users/{$user->id}"))); + print json_encode( + array("result" => "success", + "resource" => url::site("users/{$user->id}"))); + } } else { print json_encode( array("result" => "error", |