From 89efc1ccc00d35390a63ef373baf3fdb1002853d Mon Sep 17 00:00:00 2001 From: trinkey Date: Wed, 26 Mar 2025 14:25:20 -0400 Subject: [PATCH] add password changing --- boilerplate/head.php | 6 +++- css/base.css | 40 +++++++++++++++++++-- helper.php | 14 ++++++++ index.php | 85 +++++++++++++++++++++++++++++++++++++++++--- lang/en-US.json | 28 ++++++++++++++- 5 files changed, 163 insertions(+), 10 deletions(-) diff --git a/boilerplate/head.php b/boilerplate/head.php index 8cfe8fd..fd36e6d 100644 --- a/boilerplate/head.php +++ b/boilerplate/head.php @@ -28,6 +28,10 @@ } if ($err) { - echo "
$err
"; + echo "
$err
"; + } + + if ($conf) { + echo "
$conf
"; } ?> diff --git a/css/base.css b/css/base.css index b89c5b8..c7e15c9 100644 --- a/css/base.css +++ b/css/base.css @@ -78,13 +78,30 @@ ul { padding-left: 25px; } +details { + margin: 10px 0; +} + +details:not([open]) summary { + font-size: 12px; + color: var(--subtext); +} + +code { + font-family: monospace; + padding: 1px 3px; + background-color: var(--input-background); + border-radius: 3px; +} + .right { text-align: right; } -.err { - color: var(--red); - border: 2px dashed var(--red); +.err, +.conf { + border-width: 2px; + border-style: dashed; padding: 20px; border-radius: 20px; max-width: 400px; @@ -92,6 +109,16 @@ ul { margin-bottom: 20px; } +.err { + color: var(--red); + border-color: var(--red); +} + +.conf { + color: var(--text); + border-color: var(--accent); +} + .red { color: var(--red); } @@ -104,3 +131,10 @@ ul { text-align: left; margin: 0 10vw; } + +#settings-container { + display: flex; + flex-direction: row; + flex-wrap: wrap; + gap: 3px 30px; +} diff --git a/helper.php b/helper.php index d68b643..3cb961c 100644 --- a/helper.php +++ b/helper.php @@ -4,6 +4,20 @@ function generate_id(): string { return hash("sha256", uniqid("", true)); } +function get_pop($val, string $type=""): string { + global $repopulate; + + if ($repopulate[$val]) { + if ($type == "date") { + return "value=\"" . date("Y-m-d", $repopulate[$val]) . "\""; + } + + return $repopulate[$val]; + } + + return ""; +} + function get_token(string $username, string $password_hash): string { return $username . "-" . hash("sha256", $password_hash . $username); } diff --git a/index.php b/index.php index 1ca4598..2e13fcf 100644 --- a/index.php +++ b/index.php @@ -32,6 +32,11 @@ if ($user === false) { } else if (strlen($description) === 0 || strlen($description) > 256) { $err = lang["add"]["errors"]["description_length"]; } else { + $repopulate = array( + "row_id" => $row_id, + "date" => $date + ); + pg_insert( $db, "item", array( "id" => generate_id(), 
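Review bot: `get_pop()` in helper.php returns `$repopulate[$val]` verbatim, and the values index.php stores there (`$row_id`, `$date`) appear to come from the submitted form, so the result needs escaping before it reaches markup: `return htmlspecialchars((string) $repopulate[$val], ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");`. The call sites are not visible here, so confirm how the return value is emitted. The test `if ($repopulate[$val])` reads a missing key, or an unset global, on any request that did not fill the array; `if (!empty($repopulate[$val])) {` keeps the same truthiness check without the warning. The two branches also return different shapes, a whole `value="…"` attribute for `"date"` and a bare value otherwise, which deserves a docblock. `date()` needs an integer timestamp, so check what type `$date` holds.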
@@ -41,6 +46,34 @@ if ($user === false) {
 )
 );
 }
+ } else if ($intent === "change-password") {
+ $old_pw = $_POST["old"];
+ $new_pw = $_POST["new"];
+ $confirm_pw = $_POST["confirm"];
+
+ if (!($old_pw && $new_pw && $confirm_pw)) {
+ $err = $lang["account"]["errors"]["bad_request"];
+ } else if ($new_pw !== $confirm_pw) {
+ $err = $lang["account"]["errors"]["password_match"];
+ } else if (password_verify($old_pw, $user["password_hash"])) {
+ $pw_hash = password_hash($new_pw, PASSWORD_DEFAULT);
+
+ pg_update(
+ $db, "users",
+ array("password_hash" => $pw_hash),
+ array("id" => $user["id"])
+ );
+
+ $token = get_token($user["username"], $pw_hash);
+ setcookie(
+ "token", $token,
+ time() + 60 * 60 * 24 * 365
+ );
+
+ $conf = $lang["account"]["errors"]["password_changed"];
+ } else {
+ $err = $lang["account"]["errors"]["incorrect_password"];
+ }
 }
 } else if ($_GET["del"] && strlen($_GET["del"]) === 64 && preg_match("/[a-f0-9]{64}/", $_GET["del"])) {
 pg_query($db, "DELETE FROM item WHERE id='{$_GET['del']}';");
@@ -68,7 +101,11 @@ foreach ($sections as $section) {
 $first = true;
 foreach ($rows as $row) {
- $select_options .= "
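Review bot: The `setcookie("token", …)` call in the change-password branch issues a year-long credential cookie with no `HttpOnly`, `Secure` or `SameSite` attribute, so page script can read it and it is sent on cross-site and plain-HTTP requests; the options-array form of `setcookie()` sets all three. The return value of `pg_update()` is ignored, so a failed write still hands out a cookie derived from the new hash and shows the success message. The added lines read `$lang[...]` while the context line in the earlier index.php hunk reads `lang[...]`; one of the two is presumably wrong, and if `$lang` is unset every message assigned here is empty. The enclosing `if`/`else if` chain starts outside the hunk.

```php
} else if (password_verify($old_pw, $user["password_hash"])) {
    $pw_hash = password_hash($new_pw, PASSWORD_DEFAULT);

    $updated = pg_update(
        $db, "users",
        array("password_hash" => $pw_hash),
        array("id" => $user["id"])
    );

    if ($updated === false) {
        // Do not rotate the cookie when the stored hash did not change.
        $err = $lang["account"]["errors"]["bad_request"];
    } else {
        $token = get_token($user["username"], $pw_hash);
        setcookie("token", $token, array(
            "expires" => time() + 60 * 60 * 24 * 365,
            "secure" => true,    // assumes the site is served over HTTPS
            "httponly" => true,
            "samesite" => "Lax"
        ));

        $conf = $lang["account"]["errors"]["password_changed"];
    }
// … unchanged: incorrect_password branch …
```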