From d537315bdd0072e25558ba006bfbfba13a84b8d2 Mon Sep 17 00:00:00 2001 From: Nik Okuntseff Date: Sat, 8 Dec 2018 18:56:53 +0000 Subject: [PATCH] A bit more refactoring. --- WEB-INF/lib/ttFavReportHelper.class.php | 1 - WEB-INF/templates/footer.tpl | 2 +- password_change.php | 31 ++++++++++++++----------- password_reset.php | 6 ++--- 4 files changed, 21 insertions(+), 19 deletions(-) diff --git a/WEB-INF/lib/ttFavReportHelper.class.php b/WEB-INF/lib/ttFavReportHelper.class.php index a1f2b945..b056bd81 100644 --- a/WEB-INF/lib/ttFavReportHelper.class.php +++ b/WEB-INF/lib/ttFavReportHelper.class.php @@ -72,7 +72,6 @@ class ttFavReportHelper { } return false; } - // getReport - returns a report identified by its id. // TODO: get rid of this function by encapsulating all cron related tasks in its own class. // Because cron works for all orgs and we want this class to always work in context of diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl index eb75ce26..63adffd9 100644 --- a/WEB-INF/templates/footer.tpl +++ b/WEB-INF/templates/footer.tpl @@ -12,7 +12,7 @@
-
 Anuko Time Tracker 1.18.29.4614 | Copyright © Anuko | +  Anuko Time Tracker 1.18.29.4615 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve} diff --git a/password_change.php b/password_change.php index 2dce99f9..b4e57755 100644 --- a/password_change.php +++ b/password_change.php @@ -33,27 +33,30 @@ import('ttUser'); $auth->doLogout(); +// Access checks. $cl_ref = $request->getParameter('ref'); if (!$cl_ref || $auth->isPasswordExternal()) { header('Location: login.php'); exit(); } - -// Get user ID. $user_id = ttUserHelper::getUserIdByTmpRef($cl_ref); -if ($user_id) { - $user = new ttUser(null, $user_id); // Note: reusing $user from initialize.php. - // In case user language is different - reload $i18n. - if ($i18n->lang != $user->lang) { - $i18n->load($user->lang); - $smarty->assign('i18n', $i18n->keys); - } - if ($user->custom_logo) { - $smarty->assign('custom_logo', 'images/'.$user->group_id.'.png'); - $smarty->assign('mobile_custom_logo', '../images/'.$user->group_id.'.png'); - } - $smarty->assign('user', $user); +if (!$user_id) { + header('Location: access_denied.php'); // No user found by provided reference. + exit(); +} +// End of access checks. + +$user = new ttUser(null, $user_id); // Note: reusing $user from initialize.php. +// In case user language is different - reload $i18n. +if ($i18n->lang != $user->lang) { + $i18n->load($user->lang); + $smarty->assign('i18n', $i18n->keys); +} +if ($user->custom_logo) { + $smarty->assign('custom_logo', 'images/'.$user->group_id.'.png'); + $smarty->assign('mobile_custom_logo', '../images/'.$user->group_id.'.png'); } +$smarty->assign('user', $user); $cl_password1 = $request->getParameter('password1'); $cl_password2 = $request->getParameter('password2'); diff --git a/password_reset.php b/password_reset.php index 1ee4711e..4d4e2486 100644 --- a/password_reset.php +++ b/password_reset.php @@ -36,13 +36,13 @@ if ($auth->isPasswordExternal()) { exit(); } +$cl_login = $request->getParameter('login'); + $form = new Form('resetPasswordForm'); -$form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'login','style'=>'width: 300px;')); +$form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'login','style'=>'width: 300px;','value'=>$cl_login)); $form->addInput(array('type'=>'submit','name'=>'btn_submit','value'=>$i18n->get('button.reset_password'))); if ($request->isPost()) { - $cl_login = $request->getParameter('login'); - // Validate user input. if (!ttValidString($cl_login)) $err->add($i18n->get('error.field'), $i18n->get('label.login')); -- 2.20.1