Fixed issue: no error message when failed to change password

LimeSurvey · Feb 14, 2018 · d3d9592 · d3d9592
1 parent 6b67aae
commit d3d9592
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 8 deletions.
diff --git a/application/controllers/admin/useraction.php b/application/controllers/admin/useraction.php
@@ -590,35 +590,50 @@ public function personalsettings()
     {
         // Save Data
         if (Yii::app()->request->getPost("action")) {
-            $oUserModel = User::model()->findByPk(Yii::app()->session['loginID']);
-            $oUserModel->lang = Yii::app()->request->getPost('lang');
-            $oUserModel->dateformat = Yii::app()->request->getPost('dateformat');
-            $oUserModel->htmleditormode = Yii::app()->request->getPost('htmleditormode');
+
+            $oUserModel                       = User::model()->findByPk(Yii::app()->session['loginID']);
+            $oUserModel->lang                 = Yii::app()->request->getPost('lang');
+            $oUserModel->dateformat           = Yii::app()->request->getPost('dateformat');
+            $oUserModel->htmleditormode       = Yii::app()->request->getPost('htmleditormode');
             $oUserModel->questionselectormode = Yii::app()->request->getPost('questionselectormode');
-            $oUserModel->templateeditormode = Yii::app()->request->getPost('templateeditormode');
-            $oUserModel->full_name = Yii::app()->request->getPost('fullname');
-            $oUserModel->email = Yii::app()->request->getPost('email');
+            $oUserModel->templateeditormode   = Yii::app()->request->getPost('templateeditormode');
+            $oUserModel->full_name            = Yii::app()->request->getPost('fullname');
+            $oUserModel->email                = Yii::app()->request->getPost('email');
+
+            if ( Yii::app()->request->getPost('newpasswordshown') == "1"  ) {
+
+                if (Yii::app()->getConfig('demoMode')){
+                    Yii::app()->setFlashMessage(gT("You can't change password on demo."), 'error');
+                    $this->getController()->redirect(array("admin/user/sa/personalsettings"));
+                }
 
-            if (Yii::app()->request->getPost('password') != '' && !Yii::app()->getConfig('demoMode')) {
                 $oldPassword = Yii::app()->request->getPost('oldpassword');
                 $newPassword = Yii::app()->request->getPost('password');
                 $repeatPassword = Yii::app()->request->getPost('repeatpassword');
 
                 if (!$oUserModel->checkPassword($oldPassword)) {
                     // Always check password
                     Yii::app()->setFlashMessage(gT("Your new password was not saved because the old password was wrong."), 'error');
+                    $this->getController()->redirect(array("admin/user/sa/personalsettings"));
+
                 } elseif (trim($oldPassword) === trim($newPassword)) {
                     //First test if old and new password are identical => no need to save it (or ?)
                     Yii::app()->setFlashMessage(gT("Your new password was not saved because it matches the old password."), 'error');
+                    $this->getController()->redirect(array("admin/user/sa/personalsettings"));
                 } elseif (trim($newPassword) !== trim($repeatPassword)) {
                     //Then test the new password and the repeat password for identity
                     Yii::app()->setFlashMessage(gT("Your new password was not saved because the passwords did not match."), 'error');
+                    $this->getController()->redirect(array("admin/user/sa/personalsettings"));
                 //Now check if the old password matches the old password saved
+                } elseif( empty(trim($newPassword)) ) {
+                Yii::app()->setFlashMessage(gT("Password can't be empty"), 'error');
+                $this->getController()->redirect(array("admin/user/sa/personalsettings"));
                 } else {
                     // We can update
                     $oUserModel->setPassword($newPassword);
                 }
             }
+
             $uresult = $oUserModel->save();
             if ($uresult) {
                 if (Yii::app()->request->getPost('lang') == 'auto') {

diff --git a/application/views/admin/user/personalsettings.php b/application/views/admin/user/personalsettings.php
@@ -63,7 +63,9 @@
                                     <i class="fa fa-lock"></i>
                                     <?=gT("Change password")?>
                                 </button>
+
                                 <br/>
+                                <input type="hidden" id="newpasswordshown" name="newpasswordshown" value="0" />
                             </div>
                             <div class="col-md-9">
                                 <div class="container-fluid">
@@ -236,5 +238,11 @@ function(i,item){
         }
     );
     $(this).find('i').toggleClass('fa-unlock').toggleClass('fa-lock');
+    if ( $('#newpasswordshown').val() == '0' ){
+        $('#newpasswordshown').val('1');
+    }else{
+        $('#newpasswordshown').val('0');
+    }
+
 });
 ", LSYii_ClientScript::POS_POSTSCRIPT);