Check-in [5d7dae3b56]


Overview
Comment:Removed firstname/lastname fields (issue [544067e8c0])
SHA1:5d7dae3b56942eb3be2eb6276e016b880f4cac71
User & Date: rkeene 2016-09-13 18:48:51
Context
2016-09-13
19:05
Made nano Fossil more unified in setting HOME and USER to something random check-in: 38be9473fe user: rkeene tags: trunk
18:48
Removed firstname/lastname fields (issue [544067e8c0]) check-in: 5d7dae3b56 user: rkeene tags: trunk
18:37
Added support for LetsEncrypt/ACME URLs with flint check-in: 80ce2cfb47 user: rkeene tags: trunk
Changes

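--- a/nano/session.php
+++ b/nano/session.php
@@ -10,20 +10,18 @@
     }
 
     public static function create($user)
     {
         $user['hash'] = crypt($user['password'], self::generateSalt());
 
         $sql = "INSERT INTO users
-                       (first_name, last_name, email, username, hash)
-                VALUES (:first, :last, :email, :username, :hash)";
+                       (email, username, hash)
+                VALUES (:email, :username, :hash)";
 
         $bind             = array();
-        $bind['first']    = $user['firstname'];
-        $bind['last']     = $user['lastname'];
         $bind['email']    = $user['email'];
         $bind['username'] = $user['username'];
         $bind['hash']     = $user['hash'];
 
         if (Nano_Db::execute($sql, $bind)) {
             return true;
         }
@@ -52,32 +50,28 @@
     }
 
     public static function update($user, $info)
     {
         $bind = array();
 
         $sql = "UPDATE users
-                   SET first_name = :first,
-                       last_name  = :last,
-                       email      = :email";
+                   SET email      = :email";
 
         if (isset($info['password'])) {
             $info['hash'] = crypt($info['password'], self::generateSalt());
 
             $bind['hash'] = $info['hash'];
 
             $sql .= ", password = '',
                        salt     = '',
                        hash     = :hash";
         }
 
         $sql .= " WHERE id = :id";
 
-        $bind['first']    = $info['firstname'];
-        $bind['last']     = $info['lastname'];
         $bind['email']    = $info['email'];
         $bind['id']       = $user['id'];
 
         if (Nano_Db::execute($sql, $bind)) {
             return true;
         }
 
@@ -197,14 +191,14 @@
             $bind['token'] = sha1("{$result['id']}{$result['username']}{$result['email']}" . mt_rand());
 
             Nano_Db::execute($sql, $bind);
 
             $headers = "From: Flint <no-reply@{$_SERVER['SERVER_NAME']}>\r\n" .
                        "Reply-To: Flint <no-reply@{$_SERVER['SERVER_NAME']}>";
 
-            $message = "{$result['first_name']},\n\nUse the link below to reset your {$_SERVER['SERVER_NAME']} password. " .
+            $message = "{$result['email']},\n\nUse the link below to reset your {$_SERVER['SERVER_NAME']} password. " .
                        "Your one time token expires in 24 hours.\n\n" .
                        "https://{$_SERVER['SERVER_NAME']}/secure/log-in/token/{$bind['token']}\n\n" .
                        "The Flint Team";
 
             mail($result['email'], 'Flint.tld Forgot Password', $message, $headers,
                  '-fno-reply@' . $_SERVER['SERVER_NAME']);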
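Review bot: The reset token built in the third hunk still takes its only unpredictable input from `mt_rand()`, which is not a cryptographically secure generator; the id, username and email hashed alongside it are account fields rather than secrets. On PHP 7 or later I would replace that line with `$bind['token'] = bin2hex(random_bytes(32));`, and store only a hash of the token if the schema allows it. The enclosing function starts and ends outside the hunk, so the token lookup and the 24-hour expiry mentioned in the message are not visible here.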

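--- a/public/presentation/index.tpl
+++ b/public/presentation/index.tpl
@@ -29,19 +29,17 @@
         </li>
     </ul>
 </div>
 <div id="side">
     <h2>Create an account <strong>now</strong>!</h2>
     <form action="https://<?= $_SERVER['SERVER_NAME'] ?>/secure/create-account/" method="post">
         <ol>
-            <li><? $this->form_text('first-name') ?></li>
-            <li><? $this->form_text('last-name') ?></li>
             <li><? $this->form_text('email') ?></li>
             <li><? $this->form_text('username') ?></li>
             <li><? $this->form_password('password') ?></li>
             <li><? $this->form_password('password-again') ?></li>
         </ol>
         <p><? $this->form_button('Create Account') ?></p>
     </form>
 </div>
 <div class="clear"></div>
 <? endif ?>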
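Review bot: The form action on the new side writes `$_SERVER['SERVER_NAME']` into an HTML attribute without escaping, and depending on the web-server configuration that value can follow the request's Host header rather than a fixed name. I would take the host from application configuration, or at minimum emit `<?= htmlspecialchars($_SERVER['SERVER_NAME'], ENT_QUOTES, 'UTF-8') ?>`. The same value builds the password-reset link, the mail headers and the `-f` argument to `mail()` in nano/session.php, where a pinned canonical host matters more. The template begins before this hunk, so any earlier handling of the value is not visible.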

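--- a/public/secure/account/index.php
+++ b/public/secure/account/index.php
@@ -12,27 +12,23 @@
     unset($_SESSION['token-login']);
 }
 
 if ($_POST) {
     $validation = new Nano_Validation();
 
     $rules                   = array();
-    $rules['first-name']     = 'required,alpha';
-    $rules['last-name']      = 'required,alpha';
     $rules['email']          = 'required,email';
     $rules['password-again'] = 'match[password]';
 
     if (isset($_POST['email']) && $_POST['email'] != $user['email']) {
         $rules['email'] = 'required,email,uniqueEmail';
     }
 
     if ($validation->validate($_POST, $rules)) {
         $info = array();
-        $info['firstname'] = $_POST['first-name'];
-        $info['lastname']  = $_POST['last-name'];
         $info['email']     = $_POST['email'];
 
         if (isset($_POST['password']) && !empty($_POST['password'])) {
             $info['password']  = $_POST['password'];
         }
 
         if (Nano_Session::update($user, $info)) {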
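Review bot: The `if ($_POST)` branch changes the account's email and password with no visible anti-CSRF token check before `Nano_Session::update($user, $info)`, and the matching form in public/secure/account/presentation/index.tpl shows no hidden token field either, unless `form_button` or another helper adds one out of view. Because the stored email decides where the reset link from nano/session.php is sent, I would verify a per-session token with `hash_equals()` before validation and require the current password for an email or password change outside the token-login flow. The script starts before and continues past this hunk, so such a check may exist elsewhere.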

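--- a/public/secure/account/presentation/index.tpl
+++ b/public/secure/account/presentation/index.tpl
@@ -5,17 +5,15 @@
 <p class="success">Account succesfully updated.</p>
 <? elseif (isset($this->token)): ?>
 <p class="success">Successfully logged in via token. Please reset your password.</p>
 <? endif ?>
 
 <form action="/secure/account/" method="post">
     <ol>
-        <li><? $this->form_text('first-name', $this->user['first_name']) ?></li>
-        <li><? $this->form_text('last-name', $this->user['last_name']) ?></li>
         <li><? $this->form_text('email', $this->user['email']) ?></li>
         <li><? $this->form_password('password') ?></li>
         <li><? $this->form_password('password-again') ?></li>
     </ol>
     <p><? $this->form_button('Update') ?></p>
 </form>
 
 <p class="special"><a href="/secure/account/delete" class="remove">Delete Account</a></p>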

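--- a/public/secure/create-account.php
+++ b/public/secure/create-account.php
@@ -3,25 +3,21 @@
 $view = new Nano_View();
 $view->title(' - Create Account');
 
 if ($_POST) {
     $validation = new Nano_Validation();
 
     $rules                   = array();
-    $rules['first-name']     = 'required,name';
-    $rules['last-name']      = 'required,name';
     $rules['email']          = 'required,email,uniqueEmail';
     $rules['username']       = 'required,username,unique';
     $rules['password']       = 'required';
     $rules['password-again'] = 'required,match[password]';
 
     if ($validation->validate($_POST, $rules)) {
         $user = array();
-        $user['firstname'] = $_POST['first-name'];
-        $user['lastname']  = $_POST['last-name'];
         $user['email']     = $_POST['email'];
         $user['username']  = $_POST['username'];
         $user['password']  = $_POST['password'];
 
         if (Nano_Session::create($user)) {
             $_SESSION['new-account'] = true;
             Nano_Session::login($user['username'], $user['password']);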
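Review bot: `$rules['password'] = 'required'` is the only constraint on a new password, so a one-character password passes validation and goes straight to `Nano_Session::create($user)`. I would add a minimum-length rule if Nano_Validation provides one, or an explicit length check before the `create()` call; the rule names it supports are not visible in this hunk. public/secure/account/index.php has the same gap, with only `match[password]` applied when a password is changed. The script continues past the end of the hunk.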

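--- a/public/secure/presentation/create-account.tpl
+++ b/public/secure/presentation/create-account.tpl
@@ -2,16 +2,14 @@
 
 <? if (isset($this->error)): ?>
 <p class="error">Something failed during the creation process please try again.</p>
 <? endif ?>
 
 <form action="/secure/create-account/" method="post">
     <ol>
-        <li><? $this->form_text('first-name') ?></li>
-        <li><? $this->form_text('last-name') ?></li>
         <li><? $this->form_text('email') ?></li>
         <li><? $this->form_text('username') ?></li>
         <li><? $this->form_password('password') ?></li>
         <li><? $this->form_password('password-again') ?></li>
     </ol>
     <p><? $this->form_button('Create Account') ?></p>
 </form>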