Hello! I might be the only one, but has anyone else noticed that if you try and change a user's password via the acp, the user later can't log in with the new or the old password? I'm experimenting with v.1.3.3, but when I checked the v.1.3.4 list of fixed bugs, this wasn't mentioned. Does anyone else have this issue or know how to fix it?
PHP Code:
<?php
class ACPUserController extends AppController{
const PARAM = "uid";
private $view;
private $subController;
public function __construct(){
parent::__construct();
$mysidia = Registry::get("mysidia");
if($mysidia->usergroup->getpermission("canmanageusers") != "yes"){
throw new NoPermissionException("You do not have permission to manage users.");
}
}
public function index(){
parent::index();
$mysidia = Registry::get("mysidia");
$document = $mysidia->frame->getDocument();
$stmt = $mysidia->db->select("users", array());
$fields = array("uid", "username", "email", "ip", "usergroup", "uid::edit", "uid::delete");
$userTable = new TableBuilder("user");
$userTable->setAlign(new Align("center", "middle"));
$userTable->buildHeaders("uid", "Username", "Email", "IP", "Usergroup", "Edit", "Delete");
$userTable->setHelper(new UserTableHelper);
$userTable->setMethod($fields[1], "getProfileLink");
$userTable->setMethod($fields[5], "getEditLink");
$userTable->setMethod($fields[6], "getDeleteLink");
$userTable->buildTable($stmt, $fields);
$document->add($userTable);
}
public function add(){
throw new InvalidActionException($mysidia->lang->global_action);
}
public function edit(){
$mysidia = Registry::get("mysidia");
$document = $mysidia->frame->getDocument();
if(!$mysidia->input->get("uid")){
$this->index();
return;
}
$user = new Member($mysidia->input->get("uid"));
if($mysidia->input->post("submit")){
// A form has been submitted, we will be processing the request.
if($mysidia->input->post("pass1")){
$newsalt = codegen(15, 0);
$password = passencr($username, $pass1, $newsalt);
$mysidia->db->update("users", array("password" => $password), "uid='{$mysidia->input->get("uid")}'");
if($mysidia->input->post("emailpwchange") == "yes"){
//SEND THE PASSWORD CHANGE EMAIL...
$systememail = $mysidia->settings->systememail;
$headers = "From: {$systememail}";
$message = "Hello {$user->username};\n\nYour password at {$mysidia->settings->sitename} has been changed by the site admin. Your new account details are as follows:\n
Username: {$user->username}\nPassword: {$mysidia->input->post("pass1")}\n
You can log in to your account at: {$mysidia->path->getAbsolute()}login\n
Thank You. The {$mysidia->settings->sitename} team.";
mail($mysidia->input->post("email"), "{$mysidia->settings->sitename} - Your password has been changed", $message, $headers);
}
}
$mysidia->db->update("users", array("email" => $mysidia->input->post("email")), "uid='{$mysidia->input->get("uid")}'");
if(is_numeric($mysidia->input->post("level"))) $mysidia->db->update("users", array("usergroup" => $mysidia->input->post("level")), "uid='{$mysidia->input->get("uid")}'");
//Carry out user banning options
if($mysidia->input->post("canlevel") == "no") $mysidia->db->update("users_status", array("canlevel" => 'no'), "uid='{$mysidia->input->get("uid")}'");
if($mysidia->input->post("canvm") == "no") $mysidia->db->update("users_status", array("canvm" => 'no'), "uid='{$mysidia->input->get("uid")}'");
if($mysidia->input->post("canfriend") == "no") $mysidia->db->update("users_status", array("canfriend" => 'no'), "uid='{$mysidia->input->get("uid")}'");
if($mysidia->input->post("cantrade") == "no") $mysidia->db->update("users_status", array("cantrade" => 'no'), "uid='{$mysidia->input->get("uid")}'");
if($mysidia->input->post("canbreed") == "no") $mysidia->db->update("users_status", array("canbreed" => 'no'), "uid='{$mysidia->input->get("uid")}'");
if($mysidia->input->post("canpound") == "no") $mysidia->db->update("users_status", array("canpound" => 'no'), "uid='{$mysidia->input->get("uid")}'");
if($mysidia->input->post("canshop") == "no") $mysidia->db->update("users_status", array("canshop" => 'no'), "uid='{$mysidia->input->get("uid")}'");
if($mysidia->input->post("unban") == "yes") unbanuser($user->username);
$document->setTitle($mysidia->lang->edited_title);
$document->addLangvar($mysidia->lang->edited);
}
else{
// Show default form action
$userForm = new FormBuilder("editform", $mysidia->input->get("uid"), "post");
$userForm->add(new Comment("<br><br>"));
$userForm->add(new Image("templates/icons/delete.gif"));
$userForm->buildCheckBox(" Delete This User. <strong>This cannot be undone!</strong>", "delete", "yes")
->buildComment("Assign New Password: ", FALSE)->buildPasswordField("password", "pass1", "", TRUE)
->buildComment("Passwords may contain letters and numbers only. Leave the box blank to keep the current password.")
->buildCheckBox(" Email the user the new password (Only takes effect if setting a new password) ", "emailpwchange", "yes")
->buildComment("Change Email Address: ", FALSE)->buildTextField("email", $user->getemail())
->buildCheckBox(" Ban this user's rights to click adoptables", "canlevel", "no")
->buildCheckBox(" Ban this user's rights to post profile comments", "canvm", "no")
->buildCheckBox(" Ban this user's rights to make trade offers", "cantrade", "no")
->buildCheckBox(" Ban this user's rights to send friend requests", "canfriend", "no")
->buildCheckBox(" Ban this user's rights to breed adoptables", "canbreed", "no")
->buildCheckBox(" Ban this user's rights to abandon adoptables", "canpound", "no")
->buildCheckBox(" Ban this user's rights to visit Shops", "canshop", "no");
$userForm->add(new Comment("<u>{$user->username}'s Current Usergroup:</u> Group {$user->usergroup}"));
$userForm->add(new Comment("Change {$user->username}'s Usergroup To:", FALSE));
$userForm->buildDropdownList("level", "UsergroupList", $user->usergroup->gid)
->buildButton("Edit User", "submit", "submit");
$document->add($userForm);
}
}
public function delete(){
$mysidia = Registry::get("mysidia");
$document = $mysidia->frame->getDocument();
if(!$mysidia->input->get("uid")){
$this->index();
return;
}
$user = new Member($mysidia->input->get("uid"));
deleteuser($user->username);
$document->setTitle($mysidia->lang->delete_title);
$document->addLangvar($mysidia->lang->delete);
header("Refresh:3; URL='../../index'");
}
public function merge(){
$mysidia = Registry::get("mysidia");
throw new InvalidActionException($mysidia->lang->global_action);
}
public function search(){
$mysidia = Registry::get("mysidia");
throw new InvalidActionException($mysidia->lang->global_action);
}
}
?>