
add defaultPasswordWarning nag dialog

Andrew Dolgov 6 years ago
parent
commit
7c0eb1b621
4 changed files with 48 additions and 3 deletions
  1. 12 0
      classes/dlg.php
  2. 13 3
      classes/pref/prefs.php
  3. 1 0
      include/functions.php
  4. 22 0
      js/feedlist.js

+ 12 - 0
classes/dlg.php

@@ -185,4 +185,16 @@ class Dlg extends Handler_Protected {
 		//return;
 	}
 
+	function defaultPasswordWarning() {
+
+    	print_warning(__("You are using default tt-rss password. Please change it in the Preferences (Personal data / Authentication)."));
+
+		print "<div align='center'>";
+		print "<button dojoType=\"dijit.form.Button\" onclick=\"gotoPreferences()\">".
+			__('Open Preferences')."</button> ";
+		print "<button dojoType=\"dijit.form.Button\"
+			onclick=\"return closeInfoBox()\">".
+			__('Close this window')."</button>";
+		print "</div>";
+	}
 }
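Review bot: `defaultPasswordWarning()` is added without a visibility keyword or a doc comment, and its first statement is indented with spaces followed by a tab while the rest of the method uses tabs. feedlist.js in this commit loads it through `backend.php?op=dlg&method=defaultpasswordwarning`, so a short comment such as `// Static nag for accounts still on the default password; reads no request input.` would tell the next reader that this is a request-reachable handler that emits fixed markup only. `align='center'` is a presentational attribute that a CSS class would replace.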

+ 13 - 3
classes/pref/prefs.php

@@ -207,7 +207,7 @@ class Pref_Prefs extends Handler_Protected {
 
 		$email = htmlspecialchars($row["email"]);
 		$full_name = htmlspecialchars($row["full_name"]);
-		$otp_enabled = $row["otp_enabled"];
+		$otp_enabled = sql_bool_to_bool($row["otp_enabled"]);
 
 		print "<tr><td width=\"40%\">".__('Full name')."</td>";
 		print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"full_name\" required=\"1\"
@@ -864,7 +864,7 @@ class Pref_Prefs extends Handler_Protected {
 			$base32 = new Base32();
 
 			$login = $row["login"];
-			$otp_enabled = $row["otp_enabled"];
+			$otp_enabled = sql_bool_to_bool($row["otp_enabled"]);
 
 			if (!$otp_enabled) {
 				$secret = $base32->encode(sha1($row["salt"]));
@@ -888,7 +888,7 @@ class Pref_Prefs extends Handler_Protected {
 
 		if ($authenticator->check_password($_SESSION["uid"], $password)) {
 
-			$sth = $this->pdo->prepare("SELECT salt
+			$sth = $this->pdo->query("SELECT salt
 				FROM ttrss_users
 				WHERE id = ?");
 			$sth->execute([$_SESSION['uid']]);
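Review bot: The switch from `prepare()` to `query()` on the `SELECT salt` statement looks like a regression, because `PDO::query()` executes the SQL immediately, so the `?` placeholder is sent unbound before `$sth->execute([$_SESSION['uid']])` is reached. Depending on the PDO error mode this either throws or returns `false`, and the `execute()` call then fails on a non-statement; either way the password-confirmed branch stops working (apparently the OTP-enable path, though the enclosing method starts and ends outside the hunk). Keep the prepared form: `$sth = $this->pdo->prepare("SELECT salt FROM ttrss_users WHERE id = ?");`.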
@@ -920,6 +920,16 @@ class Pref_Prefs extends Handler_Protected {
 
 	}
 
+	static function isdefaultpassword() {
+		$authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]);
+
+		if ($authenticator->check_password($_SESSION["uid"], "password")) {
+			return true;
+		}
+
+		return false;
+	}
+
 	function otpdisable() {
 		$password = $_REQUEST["password"];
 
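Review bot: `isdefaultpassword()` calls `check_password()` on whatever `get_plugin($_SESSION["auth_module"])` returns without checking the result, so a session whose `auth_module` is unset or names a plugin that is not loaded would presumably fail with a call on a non-object. A guard before the check, e.g. `if (!$authenticator || !method_exists($authenticator, "check_password")) return false;`, keeps the nag from taking the page down. The literal `"password"` is hard-coded here; if the installer's default is defined elsewhere it should be shared rather than repeated, and a doc comment should say that the method performs a real credential check for the logged-in user. The trailing context lines belong to `otpdisable()`, which continues outside the hunk.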

+ 1 - 0
include/functions.php

@@ -1077,6 +1077,7 @@
 		$params["default_view_limit"] = (int) get_pref("_DEFAULT_VIEW_LIMIT");
 		$params["default_view_order_by"] = get_pref("_DEFAULT_VIEW_ORDER_BY");
 		$params["bw_limit"] = (int) $_SESSION["bw_limit"];
+		$params["is_default_pw"] = Pref_Prefs::isdefaultpassword();
 		$params["label_base_index"] = (int) LABEL_BASE_INDEX;
 
 		$theme = get_pref( "USER_CSS_THEME", false, false);
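Review bot: The added `$params["is_default_pw"] = Pref_Prefs::isdefaultpassword();` runs a full `check_password()` against the auth module every time these init params are built. That is one password-hash verification per call, and for an auth module backed by an external service it may also register a failed login attempt against the user's account each time (not confirmable from this hunk). Computing the flag once at login, keeping it in `$_SESSION`, and clearing it when the password changes would avoid both. The enclosing function starts and ends outside the hunk.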

+ 22 - 0
js/feedlist.js

@@ -198,6 +198,28 @@ function feedlist_init() {
 
 	hideOrShowFeeds(getInitParam("hide_read_feeds") == 1);
 
+	if (getInitParam("is_default_pw")) {
+		console.warn("user password is at default value");
+
+		var dialog = new dijit.Dialog({
+			title: __("Your password is at default value"),
+			href: "backend.php?op=dlg&method=defaultpasswordwarning",
+			id: 'infoBox',
+			style: "width: 600px",
+			onCancel: function() {
+				return true;
+			},
+			onExecute: function() {
+				return true;
+			},
+			onClose: function() {
+				return true;
+			}
+		});
+
+		dialog.show();
+	}
+
 	// bw_limit disables timeout() so we request initial counters separately
     if (getInitParam("bw_limit") == "1") {
 		request_counters(true);
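Review bot: The nag dialog is registered under the fixed id `infoBox` and is only shown, never destroyed within this hunk. The server-side button calls `closeInfoBox()`, which suggests the id is shared with other dialogs; if so, it is worth confirming that every close path (including the title-bar close that triggers `onCancel`) destroys the widget, since a leftover registration could block the next dialog that uses the same id. The `onCancel`, `onExecute` and `onClose` handlers only `return true` and can likely be dropped, and a one-line comment noting that `is_default_pw` comes from a server-side password check would help readers of `feedlist_init()`, which starts and ends outside the hunk.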