summaryrefslogtreecommitdiff
path: root/modules/user/controllers/users.php
diff options
context:
space:
mode:
Diffstat (limited to 'modules/user/controllers/users.php')
-rw-r--r--modules/user/controllers/users.php31
1 files changed, 19 insertions, 12 deletions
diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php
index a285b32d..811e3a2d 100644
--- a/modules/user/controllers/users.php
+++ b/modules/user/controllers/users.php
@@ -28,19 +28,26 @@ class Users_Controller extends REST_Controller {
$form = user::get_edit_form($user);
$form->edit_user->password->rules("-required");
if ($form->validate()) {
- // @todo: allow the user to change their name
- // @todo: handle password changing gracefully
- $user->full_name = $form->edit_user->full_name->value;
- if ($form->edit_user->password->value) {
- $user->password = $form->edit_user->password->value;
- }
- $user->email = $form->edit_user->email->value;
- $user->url = $form->edit_user->url->value;
- $user->save();
+ if ($form->edit_user->password->value &&
+ $form->edit_user->password->value != $form->edit_user->password2->value) {
+ $form->edit_user->password2->add_error("mistyped", 1);
+ print json_encode(
+ array("result" => "error",
+ "form" => $form->__toString()));
+ } else {
+ // @todo: allow the user to change their name
+ $user->full_name = $form->edit_user->full_name->value;
+ if ($form->edit_user->password->value) {
+ $user->password = $form->edit_user->password->value;
+ }
+ $user->email = $form->edit_user->email->value;
+ $user->url = $form->edit_user->url->value;
+ $user->save();
- print json_encode(
- array("result" => "success",
- "resource" => url::site("users/{$user->id}")));
+ print json_encode(
+ array("result" => "success",
+ "resource" => url::site("users/{$user->id}")));
+ }
} else {
print json_encode(
array("result" => "error",
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-17 15:26:25 +0000