Users can now add an SSH public key on the account edit page. This will
later be used to authenticate users via SSH.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
In 7df8dc8 (Add support for deleting user accounts, 2014-07-25), a link
to the account deletion page was added to the account edit form. Make
sure we only show this link if the user actually wants to edit an
account and do not show this link on the account registration page.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Users can now delete their own accounts by clicking a link in the
account edit form and confirming the deletion on a follow-up page.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This adds a field to the users table and corresponding fields to the
account edit and display forms that allow for setting an (in-)activity
status.
This might turn out to be useful if a user is on vacation and can not
respond to update/orphan/deletion requests.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Remove the password field from the account creation form and always send
a password reset request via e-mail instead. This ensures that only
users with valid e-mail addresses are able to login.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
We used a mixture of account type IDs and account type descriptions on
the account edit page. This resulted in the account type field always
defaulting to "Normal user" after an invalid form had been submitted.
Consistently use account type IDs to avoid this.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
* Add </option> close tags
* Add VI delimiter to selected option
* Add quotes to language codes
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
As all new passwords are hashed and therefore stored in the database
at the same length, this limitation is no longer needed.
Fixes FS#31855
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Replace all occurrences of "<?php echo" and "<?php print" by "<?=" to
reduce noise in templates.
Note that as of PHP 5.4.0, "<?=" is always available and no longer
requires "short_open_tag" to be set.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
The account editing form requires two different form action URLs
due to the fact that the same template is shared for both account
registration and account editing.
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
The "UpdateAccount" page displays information as to whether an account
update was successful. All POST account info goes to this page, so use
it with sane URLs.
Before:
AUR_URL/account/?Action=UpdateAccount&U=userfoo
After:
AUR_URL/account/userfoo/update
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Use virtual paths in links (e.g. link to "/packages/" instead of
"/packages.php" etc.) if the virtual path feature is enabled.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
XHTML should be eliminated from lib/ as much as possible. This pulls the XHTML
out of a function that simply echoes the code, and moves it into a more
reasonable template file in account_edit_form.php
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
