ask for current password when editing the settings

This commit is contained in:
Robin 2010-03-18 21:37:25 +01:00
parent e86d03f02c
commit bcd2b6f5f1
4 changed files with 30 additions and 14 deletions

View file

@ -28,15 +28,22 @@ class OC_CONFIG{
global $CONFIG_DBNAME;
global $CONFIG_DBUSER;
global $CONFIG_DBPASSWORD;
global $CONFIG_ADMINLOGIN;
global $CONFIG_ADMINPASSWORD;
if(isset($_POST['set_config'])){
//checkdata
$error='';
$FIRSTRUN=empty($CONFIG_ADMINLOGIN);
if(!$FIRSTRUN){
if($_POST['currentpassword']!=$CONFIG_ADMINPASSWORD){
$error.='wrong password';
}
}
if(!isset($_POST['adminlogin']) or empty($_POST['adminlogin'])) $error.='admin login not set<br />';
if(!isset($_POST['adminpassword']) or empty($_POST['adminpassword'])) $error.='admin password not set<br />';
if(!isset($_POST['adminpassword2']) or empty($_POST['adminpassword2'])) $error.='retype admin password not set<br />';
if(!isset($_POST['adminpassword']) or empty($_POST['adminpassword']) and $FIRSTRUN) $error.='admin password not set<br />';
if(!isset($_POST['adminpassword2']) or empty($_POST['adminpassword2']) and $FIRSTRUN) $error.='retype admin password not set<br />';
if(!isset($_POST['datadirectory']) or empty($_POST['datadirectory'])) $error.='data directory not set<br />';
if(!isset($_POST['dateformat']) or empty($_POST['dateformat'])) $error.='dteformat not set<br />';
if(!isset($_POST['dbhost']) or empty($_POST['dbhost'])) $error.='database host not set<br />';
@ -47,6 +54,9 @@ class OC_CONFIG{
if($_POST['dbpassword']<>$_POST['dbpassword2'] ) $error.='database passwords are not the same<br />';
if($_POST['adminpassword']<>$_POST['adminpassword2'] ) $error.='admin passwords are not the same<br />';
if(!isset($_POST['adminpassword']) or empty($_POST['adminpassword']) and !$FIRSTRUN){
$_POST['adminpassword']=$CONFIG_ADMINPASSWORD;
}
if(empty($error)) {
//create/fill database

View file

@ -1,6 +1,5 @@
<?php
global $createDB;
global $fillDB;
global $FIRSTRUN;
if(!isset($createDB)) $createDB=true;
if(!isset($fillDB)) $fillDB=true;
?>
@ -13,9 +12,15 @@ document.getElementById('dbAdminPwd').style.display=(show)?'table-row':'none';
</script>
<form method="post" enctype="multipart/form-data">
<table cellpadding="5" cellspacing="5" border="0" class="loginform">
<?php
if(!$FIRSTRUN){?>
<tr><td>current password</td><td><input type="password" name="currentpassword" size="30" class="formstyle"></input></td></tr>
<?php
}
?>
<tr><td>admin login:</td><td><input type="text" name="adminlogin" size="30" class="formstyle" value="<?php echo($CONFIG_ADMINLOGIN);?>"></input></td></tr>
<tr><td>admin password:</td><td><input type="password" name="adminpassword" size="30" class="formstyle" value="<?php echo($CONFIG_ADMINPASSWORD);?>"></input></td></tr>
<tr><td>retype admin password:</td><td><input type="password" name="adminpassword2" size="30" class="formstyle" value="<?php echo($CONFIG_ADMINPASSWORD);?>"></input></td></tr>
<tr><td>admin password:</td><td><input type="password" name="adminpassword" size="30" class="formstyle"></input></td><td>(leave empty to keep current password)</td></tr>
<tr><td>retype admin password:</td><td><input type="password" name="adminpassword2" size="30" class="formstyle"></input></td></tr>
<tr><td>data directory:</td><td><input type="text" name="datadirectory" size="30" class="formstyle" value="<?php echo($CONFIG_DATADIRECTORY);?>"></input></td></tr>
<tr><td>force ssl:</td><td><input type="checkbox" name="forcessl" size="30" class="formstyle" value='<?php echo($CONFIG_HTTPFORCESSL);?>'></input></td></tr>
<tr><td>date format:</td><td><input type="text" name="dateformat" size="30" class="formstyle" value='<?php echo($CONFIG_DATEFORMAT);?>'></input></td></tr>
@ -24,10 +29,10 @@ document.getElementById('dbAdminPwd').style.display=(show)?'table-row':'none';
<tr><td>database user:</td><td><input type="text" name="dbuser" size="30" class="formstyle" value='<?php echo($CONFIG_DBUSER);?>'></input></td></tr>
<tr><td>database password:</td><td><input type="password" name="dbpassword" size="30" class="formstyle" value='<?php echo($CONFIG_DBPASSWORD);?>'></input></td></tr>
<tr><td>retype database password:</td><td><input type="password" name="dbpassword2" size="30" class="formstyle" value='<?php echo($CONFIG_DBPASSWORD);?>'></input></td></tr>
<tr><td>create database and user:</td><td><input id='dbCreate' type="checkbox" name="createdatabase" size="30" class="formstyle" value='1' <?php if($createDB) echo 'checked'; ?> onchange='showDBAdmin()'></input></td></tr>
<tr><td>create database and user:</td><td><input id='dbCreate' type="checkbox" name="createdatabase" size="30" class="formstyle" value='1' <?php if($FIRSTRUN) echo 'checked'; ?> onchange='showDBAdmin()'></input></td></tr>
<tr id='dbAdminUser'><td>database administrative user:</td><td><input type="text" name="dbadminuser" size="30" class="formstyle" value='root'></input></td></tr>
<tr id='dbAdminPwd'><td>database administrative password:</td><td><input type="password" name="dbadminpwd" size="30" class="formstyle" value=''></input></td></tr>
<tr><td>automaticly fill initial database:</td><td><input type="checkbox" name="filldb" size="30" class="formstyle" value='1' <?php if($fillDB) echo 'checked'; ?>></input></td></tr>
<tr><td>automaticly fill initial database:</td><td><input type="checkbox" name="filldb" size="30" class="formstyle" value='1' <?php if($FIRSTRUN) echo 'checked'; ?>></input></td></tr>
<tr><td></td><td><input type="submit" name="set_config" alt="save" value="save" class="formstyle" /></td></tr>
</table></form>
<script type="text/javascript">showDBAdmin()</script>

View file

@ -12,7 +12,9 @@ echo('<h1><a id="owncloud-logo" href="'.$WEBROOT.'/"><span>ownCloud</span></a></
// check if already configured. otherwise start configuration wizard
$error=OC_CONFIG::writeconfiglisener();
echo $error;
if(empty($CONFIG_ADMINLOGIN)) {
$FIRSTRUN=true;
echo('<div class="center">');
echo('<p class="errortext">'.$error.'</p>');
echo('<p class="highlighttext">First Run Wizard</p>');

View file

@ -24,11 +24,10 @@
require_once('../inc/lib_base.php');
OC_UTIL::showheader();
//uncheck the create and fill db options on default.
$createDB=false;
$fillDB=false;
$FIRSTRUN=false;
echo('<div class="center">');
OC_CONFIG::showconfigform();