Mercurial Hosting > freedit

comparison src/change_email.html.luan @ 58:31c895b73bd0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
improve change email
author Franklin Schmidt <fschmidt@gmail.com>
date Tue, 29 Nov 2022 16:09:17 -0700
parents 169ac5fdb320
children 02d8876dc41d
comparison
equal deleted inserted replaced
57:169ac5fdb320 58:31c895b73bd0
36 </body> 36 </body>
37 </html> 37 </html>
38 <% 38 <%
39 end 39 end
40 40
41 local function invalid()
42 page(function()
43 %>
44 <p>This link is no longer valid. Please <a href="/change_email.html">try again</a>.</p>
45 <%
46 end)
47 end
48
41 return function() 49 return function()
42 local user = User.current_required() 50 local user = User.current_required()
43 if user==nil then return end 51 if user==nil then return end
44 local email = Http.request.parameters.email 52 local email = Http.request.parameters.email
45 local password = Http.request.parameters.password 53 local password1 = Http.request.parameters.password1
54 local password2 = Http.request.parameters.password2
46 if email == nil then 55 if email == nil then
47 page(function() 56 page(function()
48 %> 57 %>
49 <form> 58 <form>
50 <p>Your current email is <b><%=user.email%></b>.</p> 59 <p>Your current email is <b><%=user.email%></b>.</p>
54 </p> 63 </p>
55 <p><input type="submit"></p> 64 <p><input type="submit"></p>
56 </form> 65 </form>
57 <% 66 <%
58 end) 67 end)
59 elseif password == nil then 68 elseif password1 == nil and password2 == nil then
60 run_in_transaction( function() 69 run_in_transaction( function()
61 user = user.reload() 70 user = user.reload()
62 user.hidden_password = User.new_password() 71 user.hidden_password_1 = User.new_password()
63 user.save() 72 user.save()
64 end ) 73 end )
65 local result = call_mail_api( "change_email", { 74 local result = call_mail_api( "change_email_1", {
66 base_url = base_url() 75 base_url = base_url()
67 from = forum_title.." <support@freedit.org>" 76 from = forum_title.." <support@freedit.org>"
77 to = user.email
68 email = email 78 email = email
69 password = user.hidden_password 79 password = user.hidden_password_1
70 } ) 80 } )
71 result.okay or error(result.error) 81 result.okay or error(result.error)
72 page(function() 82 page(function()
73 %> 83 %>
74 <p>We have sent an email to your new email address. Click on the link in that email to complete the change.</p> 84 <p>We have sent an email to your current email address. Click on the link in that email to change your email.</p>
75 <% 85 <%
76 end) 86 end)
77 elseif password ~= user.hidden_password then 87 elseif password1 ~= nil then
88 if password1 ~= user.hidden_password_1 then
89 invalid()
90 return
91 end
92 run_in_transaction( function()
93 user = user.reload()
94 user.hidden_password_1 = nil
95 user.hidden_password_2 = User.new_password()
96 user.save()
97 end )
98 local result = call_mail_api( "change_email_2", {
99 base_url = base_url()
100 from = forum_title.." <support@freedit.org>"
101 email = email
102 password = user.hidden_password_2
103 } )
104 result.okay or error(result.error)
78 page(function() 105 page(function()
79 %> 106 %>
80 <p>This link is no longer valid. Please <a href="/change_email.html">try again</a>.</p> 107 <p>We have sent an email to <b><%=email%></b>. Click on the link in that email to complete the change.</p>
81 <% 108 <%
82 end) 109 end)
83 else 110 elseif password2 ~= nil then
111 if password2 ~= user.hidden_password_2 then
112 invalid()
113 return
114 end
84 run_in_transaction( function() 115 run_in_transaction( function()
85 user = user.reload() 116 user = user.reload()
86 user.email = email 117 user.email = email
87 user.hidden_password = nil 118 user.hidden_password_2 = nil
88 user.save() 119 user.save()
89 end ) 120 end )
90 page(function() 121 page(function()
91 %> 122 %>
92 <p>Your email has been change to <b><%=user.email%></b>.</p> 123 <p>Your email has been change to <b><%=user.email%></b>.</p>
93 <% 124 <%
94 end) 125 end)
126 else
127 error()
95 end 128 end
96 end 129 end