2018-04-11

app/Controllers/Routing.php

@@ -80,17 +80,18 @@ class Routing
                 $r->add('GET',  '/userlist[/{sort:username|registered|num_posts}/{dir:ASC|DESC}/{group:\-1|[1-9]\d*}/{name}][/{page:[1-9]\d*}]', 'Userlist:view', 'Userlist');
                 $r->add('POST', '/userlist', 'Userlist:view');
                 // юзеры
-                $r->add('GET',           '/user/{id:[2-9]|[1-9]\d+}/{name}',       'Profile:view',   'User');
-                $r->add(['GET', 'POST'], '/user/{id:[2-9]|[1-9]\d+}/edit/profile', 'Profile:edit',   'EditUserProfile');
-                $r->add(['GET', 'POST'], '/user/{id:[2-9]|[1-9]\d+}/edit/config',  'Profile:config', 'EditBoardConfig');
-                $r->add(['GET', 'POST'], '/user/{id:[2-9]|[1-9]\d+}/change/email', 'Profile:email',  'ChangeUserEmail');
-
+                $r->add('GET',           '/user/{id:[2-9]|[1-9]\d+}/{name}',          'Profile:view',   'User');
+                $r->add(['GET', 'POST'], '/user/{id:[2-9]|[1-9]\d+}/edit/profile',    'Profile:edit',   'EditUserProfile');
+                $r->add(['GET', 'POST'], '/user/{id:[2-9]|[1-9]\d+}/edit/config',     'Profile:config', 'EditBoardConfig');
+                $r->add(['GET', 'POST'], '/user/{id:[2-9]|[1-9]\d+}/edit/email',      'Profile:email',  'EditUserEmail');
+                $r->add(['GET', 'POST'], '/user/{id:[2-9]|[1-9]\d+}/edit/passphrase', 'Profile:pass',   'EditUserPass');
             } elseif (! $user->isGuest) {
                 // только свой профиль
-                $r->add('GET',           '/user/{id:' . $user->id . '}/{name}',       'Profile:view',   'User');
-                $r->add(['GET', 'POST'], '/user/{id:' . $user->id . '}/edit/profile', 'Profile:edit',   'EditUserProfile');
-                $r->add(['GET', 'POST'], '/user/{id:' . $user->id . '}/edit/config',  'Profile:config', 'EditBoardConfig');
-                $r->add(['GET', 'POST'], '/user/{id:' . $user->id . '}/change/email', 'Profile:email',  'ChangeUserEmail');
+                $r->add('GET',           '/user/{id:' . $user->id . '}/{name}',          'Profile:view',   'User');
+                $r->add(['GET', 'POST'], '/user/{id:' . $user->id . '}/edit/profile',    'Profile:edit',   'EditUserProfile');
+                $r->add(['GET', 'POST'], '/user/{id:' . $user->id . '}/edit/config',     'Profile:config', 'EditBoardConfig');
+                $r->add(['GET', 'POST'], '/user/{id:' . $user->id . '}/edit/email',      'Profile:email',  'EditUserEmail');
+                $r->add(['GET', 'POST'], '/user/{id:' . $user->id . '}/edit/passphrase', 'Profile:pass',   'EditUserPass');
             }
             // смена своего email
             if (! $user->isGuest) {

app/Models/Pages/Auth.php

@@ -158,7 +158,7 @@ class Auth extends Page
                 ->addValidators([
                 ])->addRules([
                     'token' => 'token:Forget',
-                    'email' => 'required|string:trim,lower|email:banned,exists,flood',
+                    'email' => 'required|string:trim,lower|email:noban,exists,flood',
                 ])->addAliases([
                 ])->addMessages([
                     'email.email' => 'Invalid email',
@@ -253,7 +253,7 @@ class Auth extends Page
                 ]);
 
             if ($v->validation($_POST)) {
-                $user->password        = \password_hash($v->password, PASSWORD_DEFAULT);
+                $user->password        = \password_hash($v->password, \PASSWORD_DEFAULT);
                 $user->email_confirmed = 1;
                 $user->activate_string = '';
 

app/Models/Pages/PostValidatorTrait.php

@@ -100,7 +100,7 @@ trait PostValidatorTrait
     protected function messageValidator(Model $model, $marker, array $args, $editPost = false, $editSubject = false)
     {
         if ($this->user->isGuest) {
-            $ruleEmail    = ('1' == $this->c->config->p_force_guest_email ? 'required|' : '') . 'string:trim,lower|email:banned';
+            $ruleEmail    = ('1' == $this->c->config->p_force_guest_email ? 'required|' : '') . 'string:trim,lower|email:noban';
             $ruleUsername = 'required|string:trim,spaces|username';
         } else {
             $ruleEmail    = 'absent';

app/Models/Pages/Profile.php

@@ -209,12 +209,12 @@ class Profile extends Page
                 ->addValidators([
                     'check_password' => [$this, 'vCheckPassword'],
                 ])->addRules([
-                    'token'     => 'token:ChangeUserEmail',
+                    'token'     => 'token:EditUserEmail',
                     'password'  => 'required|string:trim|check_password',
-                    'new_email' => 'required|string:trim,lower|email:banned,unique,flood',
+                    'new_email' => 'required|string:trim,lower|email:noban,unique,flood',
                 ])->addAliases([
                     'new_email' => 'New email',
-                    'password'  => 'Your password',
+                    'password'  => 'Your passphrase',
                 ])->addArguments([
                     'token'           => ['id' => $this->curUser->id],
                     'new_email.email' => $this->curUser,
@@ -274,9 +274,9 @@ class Profile extends Page
         }
 
         $form = [
-            'action' => $this->c->Router->link('ChangeUserEmail', ['id' => $this->curUser->id]),
+            'action' => $this->c->Router->link('EditUserEmail', ['id' => $this->curUser->id]),
             'hidden' => [
-                'token' => $this->c->Csrf->create('ChangeUserEmail', ['id' => $this->curUser->id]),
+                'token' => $this->c->Csrf->create('EditUserEmail', ['id' => $this->curUser->id]),
             ],
             'sets'   => [
                 [
@@ -295,7 +295,7 @@ class Profile extends Page
                         'password' => [
                             'id'        => 'password',
                             'type'      => 'password',
-                            'caption'   => \ForkBB\__('Your password'),
+                            'caption'   => \ForkBB\__('Your passphrase'),
                             'required'  => true,
                         ],
                     ],
@@ -312,7 +312,8 @@ class Profile extends Page
 
         $this->robots     = 'noindex';
         $this->crumbs     = $this->extCrumbs(
-            [$this->c->Router->link('ChangeUserEmail', ['id' => $this->curUser->id]), \ForkBB\__('Change email')]
+            [$this->c->Router->link('EditUserEmail', ['id' => $this->curUser->id]), \ForkBB\__('Change email')],
+            [$this->c->Router->link('EditUserProfile', ['id' => $this->curUser->id]), \ForkBB\__('Editing profile')]
         );
         $this->fIndex     = $this->rules->my ? 'profile' : 'userlist';
         $this->nameTpl    = 'profile';
@@ -353,6 +354,118 @@ class Profile extends Page
         return $this->c->Redirect->url($this->user->link)->message('Email changed redirect');
     }
 
+    /**
+     * Подготавливает данные для шаблона просмотра профиля
+     *
+     * @param array $args
+     * @param string $method
+     *
+     * @return Page
+     */
+    public function pass(array $args, $method)
+    {
+        $this->curUser = $this->c->users->load((int) $args['id']);
+
+        if (! $this->curUser instanceof User || ($this->curUser->isUnverified && ! $this->user->isAdmMod)) {
+            return $this->c->Message->message('Bad request');
+        }
+
+        $this->rules = $this->c->ProfileRules->setUser($this->curUser);
+
+        if (! $this->rules->editPass) {
+            return $this->c->Message->message('Bad request');
+        }
+
+        $this->c->Lang->load('profile');
+
+        if ('POST' === $method) {
+            $v = $this->c->Validator->reset()
+                ->addValidators([
+                    'check_password' => [$this, 'vCheckPassword'],
+                ])->addRules([
+                    'token'     => 'token:EditUserPass',
+                    'password'  => 'required|string:trim|check_password',
+                    'new_pass'  => 'required|string:trim,lower|password',
+                ])->addAliases([
+                    'new_pass'  => 'New pass',
+                    'password'  => 'Your passphrase',
+                ])->addArguments([
+                    'token'           => ['id' => $this->curUser->id],
+                ])->addMessages([
+                ]);
+
+            if ($v->validation($_POST)) {
+//                if (\password_verify($v->new_pass, $this->curUser->password)) {
+//                    return $this->c->Redirect->page('EditUserProfile', ['id' => $this->curUser->id])->message('Email is old redirect');
+//                }
+
+                $this->curUser->password = \password_hash($v->new_pass, \PASSWORD_DEFAULT);
+                $this->c->users->update($this->curUser);
+
+                if ($this->rules->my) {
+#                    $auth = $this->c->Auth;
+#                    $auth->fIswev = ['s' => [\ForkBB\__('Pass updated')]];
+#                    return $auth->login(['_username' => $this->curUser->username], 'GET');
+                    return $this->c->Redirect->page('Login')->message('Pass updated'); // ????
+                } else {
+                    return $this->c->Redirect->page('EditUserProfile', ['id' => $this->curUser->id])->message('Pass updated redirect');
+                }
+            }
+
+            $this->fIswev = $v->getErrors();
+        }
+
+        $form = [
+            'action' => $this->c->Router->link('EditUserPass', ['id' => $this->curUser->id]),
+            'hidden' => [
+                'token' => $this->c->Csrf->create('EditUserPass', ['id' => $this->curUser->id]),
+            ],
+            'sets'   => [
+                [
+                    'class'  => 'data-edit',
+                    'fields' => [
+                        'new_pass' => [
+                            'id'        => 'new_pass',
+                            'type'      => 'password',
+                            'maxlength' => 25,
+                            'caption'   => \ForkBB\__('New pass'),
+                            'required'  => true,
+                            'pattern'   => '^.{16,}$',
+                            'info'      => \ForkBB\__('Pass format') . ' ' . \ForkBB\__('Pass info'),
+                        ],
+                        'password' => [
+                            'id'        => 'password',
+                            'type'      => 'password',
+                            'caption'   => \ForkBB\__('Your passphrase'),
+                            'required'  => true,
+                        ],
+                    ],
+                ],
+            ],
+            'btns'   => [
+                'submit' => [
+                    'type'      => 'submit',
+                    'value'     => \ForkBB\__('Submit'),
+                    'accesskey' => 's',
+                ],
+            ],
+        ];
+
+        $this->robots     = 'noindex';
+        $this->crumbs     = $this->extCrumbs(
+            [$this->c->Router->link('EditUserPass', ['id' => $this->curUser->id]), \ForkBB\__('Change pass')],
+            [$this->c->Router->link('EditUserProfile', ['id' => $this->curUser->id]), \ForkBB\__('Editing profile')]
+        );
+        $this->fIndex     = $this->rules->my ? 'profile' : 'userlist';
+        $this->nameTpl    = 'profile';
+        $this->onlinePos  = 'profile-' . $this->curUser->id; // ????
+        $this->title      = \ForkBB\__('%s\'s profile', $this->curUser->username);
+        $this->form       = $form;
+        $this->actionBtns = $this->btns('edit');
+
+        return $this;
+    }
+
     /**
      * Дополнительная проверка signature
      *
@@ -401,7 +514,7 @@ class Profile extends Page
     public function vCheckPassword(Validator $v, $password)
     {
         if (! \password_verify($password, $this->user->password)) {
-            $v->addError('Invalid password');
+            $v->addError('Invalid passphrase');
         }
 
         return $password;
@@ -520,6 +633,14 @@ class Profile extends Page
                 'value'   => $this->curUser->username,
             ];
         }
+        if ($isEdit && $this->rules->editPass) {
+            $fields[] = [
+                'id'    => 'change_pass',
+                'type'  => 'link',
+                'value' => \ForkBB\__('Change passphrase'),
+                'href'  => $this->c->Router->link('EditUserPass', ['id' => $this->curUser->id]),
+            ];
+        }
         if ($isEdit && $this->rules->setTitle) {
             $fields['title'] = [
                 'id'        => 'title',
@@ -729,7 +850,7 @@ class Profile extends Page
                     'id'    => 'change_email',
                     'type'  => 'link',
                     'value' => \ForkBB\__('To change email'),
-                    'href'  => $this->c->Router->link('ChangeUserEmail', ['id' => $this->curUser->id]),
+                    'href'  => $this->c->Router->link('EditUserEmail', ['id' => $this->curUser->id]),
                 ];
             }
             $fields['email_setting'] = [

app/Models/Pages/Register.php

@@ -24,7 +24,7 @@ class Register extends Page
                 'token'    => 'token:RegisterForm',
                 'agree'    => 'required|token:Register',
                 'on'       => 'integer',
-                'email'    => 'required_with:on|string:trim,lower|email:banned,unique',
+                'email'    => 'required_with:on|string:trim,lower|email:noban,unique',
                 'username' => 'required_with:on|string:trim,spaces|username',
                 'password' => 'required_with:on|string|min:16|password',
             ])->addAliases([

app/Models/Rules/Profile.php

@@ -40,6 +40,11 @@ class Profile extends Rules
         return $this->admin || ($this->moderator  && '1' == $this->user->g_mod_rename_users);
     }
 
+    protected function geteditPass()
+    {
+        return $this->my || $this->admin || ($this->moderator && '1' == $this->user->g_mod_change_passwords);
+    }
+
     protected function getsetTitle()
     {
         return $this->admin || $this->moderator || '1' == $this->user->g_set_title;

app/Models/Validators/Email.php

@@ -42,7 +42,7 @@ class Email extends Validators
         $user  = true;
 
         // email забанен
-        if ($ok && isset($attrs['banned']) && $this->c->bans->isBanned($this->c->users->create(['email' => $email])) > 0) {
+        if ($ok && isset($attrs['noban']) && $this->c->bans->isBanned($this->c->users->create(['email' => $email])) > 0) {
             $v->addError('Banned email');
             $ok = false;
         }

app/Models/Validators/Username.php

@@ -45,7 +45,7 @@ class Username extends Validators
             } elseif ($this->c->bans->isBanned($user) > 0) {
                 $v->addError('Banned username');
             // есть пользователь с похожим именем
-            } elseif (empty($v->getErrors()) && ! $this->c->users->isUniqueName($user)) {
+            } elseif (empty($v->getErrors()) && ! $this->c->users->isUniqueName($user)) { // ???? как вычислить похожее?
                 $v->addError('Username not unique');
             }
         }

app/lang/English/profile.po

@@ -54,12 +54,6 @@ msgstr "Enter the number of topics and posts you wish to view on each page."
 msgid "Pass key bad"
 msgstr "The specified password activation key was incorrect or has expired. Please re-request a new password. If that fails, contact the forum administrator at"
 
-msgid "Pass updated"
-msgstr "Your password has been updated. You can now login with your new password."
-
-msgid "Pass updated redirect"
-msgstr "Password updated. Redirecting …"
-
 msgid "Wrong pass"
 msgstr "Wrong old password."
 
@@ -438,14 +432,41 @@ msgstr "Signature has only capital letters"
 msgid "To change email"
 msgstr "Change email address"
 
-msgid "Your password"
-msgstr "Your password"
+msgid "Your passphrase"
+msgstr "Your passphrase"
 
-msgid "Invalid password"
-msgstr "Invalid password"
+msgid "Invalid passphrase"
+msgstr "Invalid passphrase"
 
 msgid "Email is old redirect"
 msgstr "Email address is not changed. Redirecting …"
 
 msgid "Email changed redirect"
 msgstr "Email address changed. Redirecting …"
+
+msgid "Pass not match"
+msgstr "Passphrases do not match."
+
+msgid "Change pass"
+msgstr "Change passphrase"
+
+msgid "Change passphrase"
+msgstr "Change passphrase"
+
+msgid "New pass"
+msgstr "New passphrase"
+
+msgid "Confirm new pass"
+msgstr "Confirm new passphrase"
+
+msgid "Pass format"
+msgstr "Passphrase must contain a few words."
+
+msgid "Pass info"
+msgstr "Passphrase must be at least 16 characters long. Passphrase are case sensitive."
+
+msgid "Pass updated"
+msgstr "Your passphrase has been updated. You can now login with your new passphrase."
+
+msgid "Pass updated redirect"
+msgstr "Passphrase updated. Redirecting …"

app/lang/Russian/auth.po

@@ -58,7 +58,7 @@ msgid "Change pass"
 msgstr "Смена кодовой фразы"
 
 msgid "Change passphrase"
-msgstr "Сменить кодовую фразу"
+msgstr "Изменить кодовую фразу"
 
 msgid "New pass"
 msgstr "Новая кодовая фраза"

app/lang/Russian/profile.po

@@ -54,12 +54,6 @@ msgstr "Укажите число тем и сообщений, выводимы
 msgid "Pass key bad"
 msgstr "Указанный ключ активации пароля неверен или истек срок его действия. Пожалуйста, повторно запросите новый пароль. Если ничего не получится, то свяжитесь с администрацией; почтовый адрес для связи"
 
-msgid "Pass updated"
-msgstr "Ваш пароль изменён. Вы можете войти на форум с новым паролем."
-
-msgid "Pass updated redirect"
-msgstr "Пароль изменён. Переадресация …"
-
 msgid "Wrong pass"
 msgstr "Ошибка в старом пароле."
 
@@ -438,14 +432,41 @@ msgstr "Текст подписи содержит только заглавны
 msgid "To change email"
 msgstr "Изменить адрес электронной почты"
 
-msgid "Your password"
-msgstr "Ваш пароль"
+msgid "Your passphrase"
+msgstr "Ваша кодовая фраза"
 
-msgid "Invalid password"
-msgstr "Неверный пароль"
+msgid "Invalid passphrase"
+msgstr "Неверная кодовая фраза"
 
 msgid "Email is old redirect"
 msgstr "Адрес электронной почты оставлен без изменений. Переадресация …"
 
 msgid "Email changed redirect"
 msgstr "Адрес электронной почты изменен. Переадресация …"
+
+msgid "Pass not match"
+msgstr "Кодовые фразы не совпадают."
+
+msgid "Change pass"
+msgstr "Смена кодовой фразы"
+
+msgid "Change passphrase"
+msgstr "Изменить кодовую фразу"
+
+msgid "New pass"
+msgstr "Новая кодовая фраза"
+
+msgid "Confirm new pass"
+msgstr "Ещё раз"
+
+msgid "Pass format"
+msgstr "Кодовая фраза должна содержать несколько слов."
+
+msgid "Pass info"
+msgstr "Кодовая фраза должна состоять минимум из 16 символов. Она чувствительна к регистру вводимых букв."
+
+msgid "Pass updated"
+msgstr "Ваша кодовая фраза изменена. Вы можете войти на форум с ее помощью."
+
+msgid "Pass updated redirect"
+msgstr "Кодовая фраза изменена. Переадресация …"