tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

Returning response from doChangePassword()

Browse Source
This commit is contained in:
Ingo Schommer 2014-04-10 17:21:10 +12:00
parent a5ab477e9f
commit be12656bd9
1 changed files with 8 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
security/ChangePasswordForm.php
View File

@ -57,6 +57,7 @@ class ChangePasswordForm extends Form {
* Change the password * Change the password
* *
* @param array $data The user submitted data * @param array $data The user submitted data
* @return SS_HTTPResponse
*/ */
public function doChangePassword(array $data) { public function doChangePassword(array $data) {
if($member = Member::currentUser()) { if($member = Member::currentUser()) {
@ -68,8 +69,7 @@ class ChangePasswordForm extends Form {
"bad" "bad"
); );
// redirect back to the form, instead of using redirectBack() which could send the user elsewhere. // redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
$this->controller->redirect($this->controller->Link('changepassword')); return $this->controller->redirect($this->controller->Link('changepassword'));
return;
} }
} }
@ -81,8 +81,7 @@ class ChangePasswordForm extends Form {
// The user is not logged in and no valid auto login hash is available // The user is not logged in and no valid auto login hash is available
if(!$member) { if(!$member) {
Session::clear('AutoLoginHash'); Session::clear('AutoLoginHash');
$this->controller->redirect($this->controller->Link('login')); return $this->controller->redirect($this->controller->Link('login'));
return;
} }
} }
@ -94,8 +93,7 @@ class ChangePasswordForm extends Form {
"bad"); "bad");
// redirect back to the form, instead of using redirectBack() which could send the user elsewhere. // redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
$this->controller->redirect($this->controller->Link('changepassword')); return $this->controller->redirect($this->controller->Link('changepassword'));
return;
} }
else if($data['NewPassword1'] == $data['NewPassword2']) { else if($data['NewPassword1'] == $data['NewPassword2']) {
$isValid = $member->changePassword($data['NewPassword1']); $isValid = $member->changePassword($data['NewPassword1']);
@ -115,7 +113,7 @@ class ChangePasswordForm extends Form {
// absolute redirection URLs may cause spoofing // absolute redirection URLs may cause spoofing
&& Director::is_site_url($_REQUEST['BackURL']) && Director::is_site_url($_REQUEST['BackURL'])
) { ) {
$this->controller->redirect($_REQUEST['BackURL']); return $this->controller->redirect($_REQUEST['BackURL']);
} }
else { else {
// Redirect to default location - the login form saying "You are logged in as..." // Redirect to default location - the login form saying "You are logged in as..."
@ -123,7 +121,7 @@ class ChangePasswordForm extends Form {
'BackURL', 'BackURL',
Director::absoluteBaseURL(), $this->controller->Link('login') Director::absoluteBaseURL(), $this->controller->Link('login')
); );
$this->controller->redirect($redirectURL); return $this->controller->redirect($redirectURL);
} }
} else { } else {
$this->clearMessage(); $this->clearMessage();
@ -137,7 +135,7 @@ class ChangePasswordForm extends Form {
); );
// redirect back to the form, instead of using redirectBack() which could send the user elsewhere. // redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
$this->controller->redirect($this->controller->Link('changepassword')); return $this->controller->redirect($this->controller->Link('changepassword'));
} }
} else { } else {
@ -147,7 +145,7 @@ class ChangePasswordForm extends Form {
"bad"); "bad");
// redirect back to the form, instead of using redirectBack() which could send the user elsewhere. // redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
$this->controller->redirect($this->controller->Link('changepassword')); return $this->controller->redirect($this->controller->Link('changepassword'));
} }
} }