Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Comparing changes

Choose two branches to see what's changed or to start a new pull request. If you need to, you can also compare across forks.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also compare across forks.
...
Checking mergeability… Don't worry, you can still create the pull request.
  • 6 commits
  • 5 files changed
  • 0 commit comments
  • 2 contributors
View
3  lib/routes.js
@@ -34,6 +34,7 @@ var SearchTagIssue = require('searchTagIssue').SearchTagIssue;
var EditComments = require('editComments').EditComments;
var DeleteComments = require('deleteComments').DeleteComments;
var About = require('about').About;
+var EditPassword = require('editPassword').EditPassword;
var r = new Router();
@@ -79,5 +80,7 @@ r.add('/deleteComments', DeleteComments.display);
r.add('/saveComments', EditComments.save);
r.add('/confirmDeleteComments', DeleteComments.confirmed);
r.add('/about', About.display);
+r.add('/editPassword', EditPassword.buildEditPassword);
+r.add('/handleEditPassword', EditPassword.handleEditPassword);
exports.router = r;
View
99 node_modules/editPassword.js
@@ -0,0 +1,99 @@
+/*
+ * Module for editing password
+ *
+ */
+
+var dbAccess = require('dbAccess');
+var qs = require('querystring');
+var crypto = require('crypto');
+var url = require('url');
+
+var view = 'views/editPassword.html';
+
+var EditPassword = exports.EditPassword = function() {
+};
+/*
+ *
+ */
+EditPassword.buildEditPassword = function(request, response)
+{
+ var urlInfo = url.parse(request.url, true);
+ var message = urlInfo.query['message'];
+ request.getUser(function(error, user){
+ if (error){
+ // If a database error is generated, just spit out failure message
+ console.log('Error occured reading user profile from DataBase:' + error.toString());
+ console.log(sqlUpdateUserProfile);
+ response.render(view, {error: 'Error occured during database access'});
+ return;
+ }else if (user){
+ values = {};
+ values.userid = user.id;
+ values.message=message;
+ response.render(view, values);
+ }
+ });
+}
+
+/*
+ * Save updated password to the database
+ */
+EditPassword.handleEditPassword = function(request, response)
+{
+ // The form data from the request is first read into newPasswordString
+ var newPasswordString = '';
+
+ request.on('data', function(chunk){
+ newPasswordString += chunk.toString();
+ });
+
+ request.on('end', function(){
+ // parse the update profile information
+ var updateInfo = qs.parse(newPasswordString);
+ var oldpassword = updateInfo['password'];
+ var newpassword = updateInfo['new_password'];
+ var confirmpassword = updateInfo['confirm_password'];
+ var userid = updateInfo['userid'];
+ var newCryptoPassword = crypto.createHash('md5').update(newpassword).digest("hex");
+ var confirmCryptoPassword = crypto.createHash('md5').update(confirmpassword).digest("hex");
+ var oldCryptoPassword = crypto.createHash('md5').update(oldpassword).digest("hex");
+
+ // Verify old password
+ var sqlUpdateUserProfile = "SELECT * FROM users WHERE id='" + userid +"';";
+ dbAccess.runQuery(sqlUpdateUserProfile, function(error, rows){
+ if(error) {
+ response.render(view, {error: 'Error occured during saving password to database'});
+ }
+ else {
+ console.log('user id:'+userid);
+ var dbpassword = rows[0]['password'];
+ if (oldCryptoPassword != dbpassword){//incorrect old password
+ //response.render(view, {error: 'Incorrect password entered. Please try again.'});
+ response.redirectTo('/editPassword?message=Incorrect Password');
+ }else if(confirmCryptoPassword != newCryptoPassword || newpassword =="" || confirmpassword==""){// check that new password match confirmed password and empty new password
+ //response.render(view, {error: 'Confirm password incorrect. Please try again.'});
+ response.redirectTo('/editPassword?message=Confirm Password Incorrect');
+ }else{
+ //all correct
+ console.log("update password");
+ var sqlUpdateUserProfile = "UPDATE users SET "
+ + "password='" + newCryptoPassword
+ + "' "
+ + "WHERE id='" + userid
+ + "' AND password='" + oldCryptoPassword
+ + "';";
+ dbAccess.runQuery(sqlUpdateUserProfile, function(error, rows){
+ if(error){
+ response.render(view, {error: 'Error updated password.'});
+ }else{
+ console.log('database save successful!');
+ //response.render(view, {message: 'Password updated'});
+ response.redirectTo('/editPassword?message=Update Successful');
+ }
+ });
+ }
+ }
+ });
+ });
+
+}
View
64 node_modules/editProfileModule.js
@@ -22,7 +22,7 @@ EditProfileModule.buildEditProfilePage = function(request, response)
console.log("Edit user profile page requested.");
var urlInfo = url.parse(request.url, true);
- //var userid = urlInfo.query['id'];
+ var message = urlInfo.query['message'];
// find which user is logged in and get existing profile
//dbAccess.find('users', { conditions:['id="' + userid + '"'] }, function(error, results){
@@ -43,6 +43,7 @@ EditProfileModule.buildEditProfilePage = function(request, response)
values = {};
values.name = user.name;
+ values.message =message;
values.email = user.email;
values.neighborhood = user.neighborhood || '';
values.postal_code = user.postal_code || '';
@@ -123,44 +124,15 @@ EditProfileModule.handleEditProfile = function(request, res)
var email = updateInfo['email'];
var neighborhood = updateInfo['neighborhood'];
var postalcode = updateInfo['postal_code'];
- var oldpassword = updateInfo['password'];
- var newpassword = updateInfo['new_password'];
- var confirmpassword = updateInfo['confirm_password'];
var facebookaccount = updateInfo['facebook'];
var twitteraccount = updateInfo['twitter'];
var website = updateInfo['website'];
- // Encrypt passwords
- if (!newpassword){
- newpassword = oldpassword;
- }
- var newCryptoPassword = crypto.createHash('md5').update(newpassword).digest("hex");
- var oldCryptoPassword = crypto.createHash('md5').update(oldpassword).digest("hex");
- // Verify old password
- var sqlUpdateUserProfile = "SELECT * FROM users WHERE id='" + userid +"';";
- dbAccess.runQuery(sqlUpdateUserProfile, function(error, rows){
- if(error) {
- // If a database error is generated, just spit out failure message
- console.log('Error occured saving to DataBase during profile update:' + error.toString());
- console.log(sqlUpdateUserProfile);
- res.writeHead(500, { 'Content-Type' : 'text/html' });
- res.end('<html><body><h1>Edit Profile Failed</h1></body></html>');
- return;
- }
- else {
- // check that passwords are a match
- var dbpassword = rows[0]['password'];
- if (oldCryptoPassword != dbpassword){
- res.writeHead(403, { 'Content-Type' : 'text/html' });
- res.end('<html><body><h1>Incorrect Password</h1><a href="/editProfile?id='+userid+'">Try again</a><br><a href="/index.html">Home</a></body></html>');
- res.end('<html><body><h1></h1></body></html>');
- }
- else {
- //updateUserProfile();
- // Build SLQ and insert the new user into the database
- console.log("updateUserProfile");
- var sqlUpdateUserProfile = "UPDATE users SET "
+ //updateUserProfile();
+ // Build SLQ and insert the new user into the database
+ console.log("updateUserProfile");
+ var sqlUpdateUserProfile = "UPDATE users SET "
+ "name='" + name
+ "', email='" + email
+ "', neighborhood='" + neighborhood
@@ -168,31 +140,29 @@ EditProfileModule.handleEditProfile = function(request, res)
+ "', facebook_account='" + facebookaccount
+ "', twitter_account='" + twitteraccount
+ "', website='" + website
- + "', password='" + newCryptoPassword
+ "' "
+ "WHERE id='" + userid
- + "' AND password='" + oldCryptoPassword
+ "';";
- dbAccess.runQuery(sqlUpdateUserProfile, function(error, rows){
+ dbAccess.runQuery(sqlUpdateUserProfile, function(error, rows){
if(error) {
// If a database error is generated, just spit out failure message
- console.log('Error occured saving to DataBase during profile update:' + error.toString());
- console.log(sqlUpdateUserProfile);
- res.writeHead(500, { 'Content-Type' : 'text/html' });
- res.end('<html><body><h1>Edit Profile Failed</h1><a href="/index.html">Home</a></body></html>');
+ //console.log('Error occured saving to DataBase during profile update:' + error.toString());
+ //console.log(sqlUpdateUserProfile);
+ //res.writeHead(500, { 'Content-Type' : 'text/html' });
+ //res.end('<html><body><h1>Edit Profile Failed</h1><a href="/index.html">Home</a></body></html>');
+ res.redirectTo('/editProfile?message=Can Not Update Profile');
}
else {
// On success, redirect user to index page.
- console.log('database save successful!');
+ //console.log('database save successful!');
//res.writeHead(302, { 'Location' : '/index.html' });
//res.end();
- res.writeHead(200, { 'Content-Type' : 'text/html' });
- res.end('<html><body><h1>Profile updated successfully</h1><a href="/index.html">Home</a></body></html>');
+ //res.writeHead(200, { 'Content-Type' : 'text/html' });
+ //res.end('<html><body><h1>Profile updated successfully</h1><a href="/index.html">Home</a></body></html>');
+ res.redirectTo('/editProfile?message=Update Successful');
}
});
- }
- }
- });
+
});
}
View
11 views/editPassword.html
@@ -0,0 +1,11 @@
+<h1>Change Password</h1>
+
+<form id= 'updatePassword_form' action="handleEditPassword" method="post">
+ <p><h2>{{message}}</h2></p>
+ <p>Password (required)<br><input type="password" name="password"></p>
+ <p>New Password<br><input type="password" name="new_password"></p>
+ <p>Confirm New Password<br><input type="password" name="confirm_password"></p>
+ <p><input type="text" name="userid" style="visibility: hidden;" value="{{userid}}"><p>
+ <input type='submit' value='Update'>
+</form>
+
View
9 views/editProfile.html
@@ -7,23 +7,22 @@
</tr>
<tr>
<td>
+
<form id="editProfile_form" action="handleEditProfile" method="post" enctype="application/x-www-form-urlencoded" onsubmit="return editProfileValidate(this);">
+ <p><h2>{{message}}</h2></p>
<p>Name<br><input type="text" name="name" value="{{name}}"></p>
+ <p><a href = "editPassword">Change Password</a></p>
<p>Email<br><input type="text" name="email" value="{{email}}"></p>
<p>Neighborhood<br><input type="text" name="neighborhood" value="{{neighborhood}}"></p>
<p>Postal Code<br><input type="text" name="postal_code" value="{{postal_code}}"></p>
<p>Your Facebook Account<br> <input type="text" name="facebook" value="{{facebook_account}}" /></p>
<p>Your Twitter Account<br> <input type="text" name="twitter" value="{{twitter_account}}" /></p>
<p>Your Website<br> http://<input type="text" name="website" value="{{website}}" /></p>
- <br>
- <p>New Password (optional)<br><input type="password" name="new_password"></p>
- <p>Confirm New Password<br><input type="password" name="confirm_password"></p>
<p><input type="text" name="userid" style="visibility: hidden;" value="{{userid}}"><p>
<br>
- <p>Password (required)<br><input type="password" name="password"></p>
-
<input type="submit" value="Update" />
</form>
+
</td>
</tr>
</table>

No commit comments for this range

Something went wrong with that request. Please try again.