diff --git a/api/api_login.php b/api/api_login.php
index 00d6960..2b4c667 100644
--- a/api/api_login.php
+++ b/api/api_login.php
@@ -18,9 +18,9 @@ class api_login {
return \SYSTEM\SECURITY\security::confirm($token);}
public static function call_account_action_reset_password($username){
- return \SYSTEM\SECURITY\security::resetpassword($username);}
+ return \SYSTEM\SECURITY\security::reset_password($username);}
public static function call_account_action_change_password($username,$old_password_sha1,$new_password_sha1){
- return \SYSTEM\SECURITY\security::changepassword($username,$old_password_sha1,$new_password_sha1);}
+ return \SYSTEM\SECURITY\security::change_password($username,$old_password_sha1,$new_password_sha1);}
public static function call_account_action_change_email($username,$new_email){
- return \SYSTEM\SECURITY\security::changeemail($username,$new_email);}
+ return \SYSTEM\SECURITY\security::change_email($username,$new_email);}
}
\ No newline at end of file
diff --git a/sai/modules/saimod_sys_security/js/saimod_sys_security.js b/sai/modules/saimod_sys_security/js/saimod_sys_security.js
index c57729b..e3771fe 100644
--- a/sai/modules/saimod_sys_security/js/saimod_sys_security.js
+++ b/sai/modules/saimod_sys_security/js/saimod_sys_security.js
@@ -54,13 +54,18 @@ function init_saimod_sys_security_user() {
});
});
$('#btn_change_password').click(function(){
- $.get( './sai.php?call=account&action=changepassword&username='+$(this).attr('user')+'&old_password_sha1='+'&new_password_sha1=',function(data){
- if(data==1){
+ if($('#input_pw_new1').val() !== $('#input_pw_new2').val()){
+ alert('Passwords dont match!');
+ } else {
+ system.account_change_password($(this).attr('user'),$('#input_pw_old').val(),$('#input_pw_new1').val(),
+ function(data){
+ if(data.status){
alert('Password Changed');
} else {
- alert('fail');
+ alert('fail: '+data.result.message);
}
});
+ }
});
$('#btn_reset_password').click(function(){
$.get( './sai.php?call=account&action=resetpassword&account='+$(this).attr('user'),function(data){
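Review bot: The equality check on `#input_pw_new1` and `#input_pw_new2` also passes when both fields are empty, so the handler will submit an empty new password. Add a guard before the comparison, e.g. `if(!$('#input_pw_new1').val()){ alert('Password must not be empty'); return; }`, and enforce the same rule on the server, because this check is client-side only. The failure branch reads `data.result.message` without checking that `data.result` exists; whether every failure response carries it is not visible in this hunk.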
@@ -81,22 +86,27 @@ function init_saimod_sys_security_user() {
});
});
$('#btn_rename_account').click(function(){
- $.get( './sai.php?saimod...&action=renameaccount&username='+$(this).attr('user')+'&new_username=',function(data){
- if(data==1){
+ $.get( './sai.php?sai_mod=.SYSTEM.SAI.saimod_sys_security&action=renameaccount&username='+$(this).attr('user')+'&new_username='+$('#input_new_user').val(),
+ function(data){
+ if(data.status){
alert('Accountname changed');
+ system.load('security(user);username.'+$('#input_new_user').val());
} else {
alert('fail');
}
});
});
$('#btn_delete_account').click(function(){
- $.get( './sai.php?saimod...',function(data){
- if(data==1){
- alert('Account deleted');
- } else {
- alert('fail');
- }
- });
+ if (confirm('Are you sure you want to delete this user completely and have no option to restore it?')) {
+ $.get( './sai.php?sai_mod=.SYSTEM.SAI.saimod_sys_security&action=deleteaccount&id='+$(this).attr('user'),function(data){
+ if(data.status){
+ alert('Account deleted');
+ system.load('security');
+ } else {
+ alert('fail');
+ }
+ });
+ }
});
}
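Review bot: Both new requests change state through `$.get`, and the rename URL concatenates `$('#input_new_user').val()` unencoded. A name containing `&`, `#` or `=` would alter the query string, so build it as `'&new_username='+encodeURIComponent($('#input_new_user').val())`; the value passed to `system.load` deserves the same treatment. Rename and delete carried in a GET URL end up in server logs and browser history and can be triggered by any cross-site request that rides on the administrator's session. The `confirm()` dialog does not protect against that, so these actions should go over POST with an anti-CSRF token if the sai.php dispatcher supports it. Also worth confirming: `deleteaccount` sends `$(this).attr('user')` as `id`, while `renameaccount` sends the same attribute as `username`.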
diff --git a/sai/modules/saimod_sys_security/qq/SYS_SAIMOD_SECURITY_DELETE_USER.php b/sai/modules/saimod_sys_security/qq/SYS_SAIMOD_SECURITY_DELETE_USER.php
new file mode 100644
index 0000000..af8d7f5
--- /dev/null
+++ b/sai/modules/saimod_sys_security/qq/SYS_SAIMOD_SECURITY_DELETE_USER.php
@@ -0,0 +1,9 @@
+WEBPATH(false);
return \SYSTEM\PAGE\replace::replaceFile((new \SYSTEM\PSAI('modules/saimod_sys_security/tpl/saimod_sys_security.tpl'))->SERVERPATH(), $vars);}
+ public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_renameaccount($username,$new_username){
+ if(!\SYSTEM\SECURITY\security::available($new_username)){
+ throw new \SYSTEM\LOG\ERROR("Username not available");}
+ return \SYSTEM\SQL\SYS_SAIMOD_SECURITY_RENAME_USER::QI(array($new_username,$username)) ? \SYSTEM\LOG\JsonResult::ok() : \SYSTEM\LOG\JsonResult::fail();
+ }
+ public static function sai_mod__SYSTEM_SAI_saimod_sys_security_action_deleteaccount($id){
+ \SYSTEM\SQL\SYS_SAIMOD_SECURITY_DELETE_USER_RIGHTS::QI(array($id));
+ \SYSTEM\SQL\SYS_SAIMOD_SECURITY_DELETE_USER::QI(array($id));
+ return \SYSTEM\LOG\JsonResult::ok();
+ }
+
private static function tablerow_class($last_active){
$time = time() - $last_active;
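Review bot: `sai_mod__SYSTEM_SAI_saimod_sys_security_action_deleteaccount` discards the result of both `QI` calls and always returns `JsonResult::ok()`, so a failed user delete is reported as success after the rights rows are already gone. Mirror the rename action with `return \SYSTEM\SQL\SYS_SAIMOD_SECURITY_DELETE_USER::QI(array($id)) ? \SYSTEM\LOG\JsonResult::ok() : \SYSTEM\LOG\JsonResult::fail();`, and ideally run both statements in one transaction. Neither new action contains a rights check of its own. If the SAI dispatcher does not already restrict these endpoints to administrators, one is needed here, together with a guard against deleting the calling account. The header of this hunk is missing on the page, so the context above the added functions could not be checked.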
diff --git a/sai/modules/saimod_sys_security/tpl/saimod_sys_security_user_view.tpl b/sai/modules/saimod_sys_security/tpl/saimod_sys_security_user_view.tpl
index 68a7b88..f04a11b 100644
--- a/sai/modules/saimod_sys_security/tpl/saimod_sys_security_user_view.tpl
+++ b/sai/modules/saimod_sys_security/tpl/saimod_sys_security_user_view.tpl
@@ -38,23 +38,23 @@
|
-
+
|
|
-
-
-
+
+
+
|
-
+
|
|
-
+
|
@@ -62,7 +62,7 @@
|
-
+
|
@@ -70,7 +70,7 @@
|
-
+
|
diff --git a/security/qq/SYS_SECURITY_LOGIN_USER_SHA1.php b/security/qq/SYS_SECURITY_LOGIN_USER_SHA1.php
index d212a88..52abd24 100644
--- a/security/qq/SYS_SECURITY_LOGIN_USER_SHA1.php
+++ b/security/qq/SYS_SECURITY_LOGIN_USER_SHA1.php
@@ -9,7 +9,7 @@ class SYS_SECURITY_LOGIN_USER_SHA1 extends \SYSTEM\DB\QP {
}
public static function mysql(){return
'SELECT * FROM '.\SYSTEM\SQL\system_user::NAME_MYS.
-' WHERE (UPPER('.\SYSTEM\SQL\system_user::FIELD_USERNAME.') LIKE UPPER(?)'.
+' WHERE UPPER('.\SYSTEM\SQL\system_user::FIELD_USERNAME.') LIKE UPPER(?)'.
' AND '.\SYSTEM\SQL\system_user::FIELD_PASSWORD_SHA.' = ?;';
}
}
\ No newline at end of file
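Review bot: The username is still matched with `LIKE`, so `%` and `_` in the supplied value act as wildcards and the lookup is not an exact-username match. Combined with the password-hash condition, it can select the row of an account other than the one named. Use equality instead: `' WHERE UPPER('.\SYSTEM\SQL\system_user::FIELD_USERNAME.') = UPPER(?)'.`. This matters more now that `change_password` in security/security.php uses this query to pick the row whose password is updated.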
diff --git a/security/security.php b/security/security.php
index 420f00d..a615302 100644
--- a/security/security.php
+++ b/security/security.php
@@ -72,7 +72,7 @@ class security {
}
public static function change_password($username,$old_password_sha1,$new_password_sha1){
- $row = \SYSTEM\SQL\SYS_SECURITY_LOGIN_USER_EMAIL_SHA1::Q1(array($username, $username, $old_password_sha1));
+ $row = \SYSTEM\SQL\SYS_SECURITY_LOGIN_USER_SHA1::Q1(array($username, $old_password_sha1));
if(!$row){
throw new \SYSTEM\LOG\ERROR("No such User Password combination.");}
$result = \SYSTEM\SQL\SYS_SECURITY_UPDATE_PW::QI(array($new_password_sha1, $row['id']));
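Review bot: `$new_password_sha1` is written by `SYS_SECURITY_UPDATE_PW` without any format check, so an empty or arbitrary string can become the stored hash. Validate it before the update, e.g. `if(!preg_match('/^[0-9a-f]{40}$/i',$new_password_sha1)){ throw new \SYSTEM\LOG\ERROR("Invalid password hash.");}`. The function also takes the target account from the `$username` parameter rather than from the logged-in session, so the old-hash check is the only authentication, and no rate limiting is visible in this hunk. Longer term, a client-computed unsalted SHA-1 is password-equivalent; hashing it again on the server with `password_hash()` would limit what a database leak exposes. The body of `change_password` continues past the end of this hunk.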
diff --git a/sql/qt/mysql/data/system_api.sql b/sql/qt/mysql/data/system_api.sql
index 99bcc4c..4d12651 100644
--- a/sql/qt/mysql/data/system_api.sql
+++ b/sql/qt/mysql/data/system_api.sql
@@ -1,6 +1,10 @@
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (10, 0, 0, -1, NULL, 'call', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (11, 0, 0, 10, NULL, 'action', NULL);
+REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (13, 0, 2, 11, 'change_password', 'username', 'STRING');
+REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (14, 0, 2, 11, 'change_password', 'old_password_sha1', 'STRING');
+REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (15, 0, 3, 11, 'change_password', 'new_password_sha1', 'STRING');
+
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (20, 0, 2, 11, 'login', 'username', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (21, 0, 2, 11, 'login', 'password_sha1', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (22, 0, 3, 11, 'login', 'locale', 'LANG');
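Review bot: Row 15 registers `new_password_sha1` with type `3`, while `username` and `old_password_sha1` use type `2`. In the `login` rows below, type `3` is used for `locale`, which suggests it marks an optional parameter. If so, a `change_password` call without a new hash would pass API verification and reach `security::change_password`. Unless that is intended, register it as required: `VALUES (15, 0, 2, 11, 'change_password', 'new_password_sha1', 'STRING');`. The same applies to row 15 (group 42) in sql/qt/mysql/data/system_sai_api.sql.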
diff --git a/sql/qt/mysql/data/system_sai_api.sql b/sql/qt/mysql/data/system_sai_api.sql
index 58313aa..de6413b 100644
--- a/sql/qt/mysql/data/system_sai_api.sql
+++ b/sql/qt/mysql/data/system_sai_api.sql
@@ -9,6 +9,9 @@ REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `na
-- system_api
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (10, 42, 0, -1, NULL, 'call', NULL);
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (11, 42, 0, 10, NULL, 'action', NULL);
+REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (13, 42, 2, 11, 'change_password', 'username', 'STRING');
+REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (14, 42, 2, 11, 'change_password', 'old_password_sha1', 'STRING');
+REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (15, 42, 3, 11, 'change_password', 'new_password_sha1', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (20, 42, 2, 11, 'login', 'username', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (21, 42, 2, 11, 'login', 'password_sha1', 'STRING');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (22, 42, 3, 11, 'login', 'locale', 'LANG');
@@ -81,6 +84,10 @@ REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `na
--
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (340, 42, 2, 300, 'deleterightuser', 'rightid', 'UINT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (341, 42, 2, 300, 'deleterightuser', 'userid', 'UINT');
+--
+REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (350, 42, 2, 300, 'renameaccount', 'username', 'STRING');
+REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (351, 42, 2, 300, 'renameaccount', 'new_username', 'STRING');
+REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (355, 42, 2, 300, 'deleteaccount', 'id', 'UINT');
REPLACE INTO `system_api` (`ID`, `group`, `type`, `parentID`, `parentValue`, `name`, `verify`) VALUES (400, 42, 0, 0, '_SYSTEM_SAI_saimod_sys_mod', 'action', NULL);