summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/controllers/Users.class.php21
-rw-r--r--src/lib/Database.class.php7
-rw-r--r--src/views/pages/users/new.html.php4
3 files changed, 19 insertions, 13 deletions
diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php
index 9674907..4a8f04c 100644
--- a/src/controllers/Users.class.php
+++ b/src/controllers/Users.class.php
@@ -59,6 +59,7 @@ class Users extends Controller {
public function new_user($routed, $vars) {
// since there will never be a remainder to `users/new', we can
// use that parameter to pass in some data.
+ if (!isset($vars['errors'])) $vars['errors'] = array();
$this->showView('users/new', $vars);
}
@@ -124,7 +125,7 @@ class Users extends Controller {
*/
private function create_user() {
$vars = array();
- @$vars['username' ] = $_POST['auth_name'];
+ @$vars['username' ] = $_POST['auth_name'];
@$vars['password1'] = $_POST['auth_password' ];
@$vars['password2'] = $_POST['auth_password_verify'];
@@ -133,14 +134,16 @@ class Users extends Controller {
$vars['errors'] = array();
if ($db->getUID($vars['username'])!==false)
$vars['errors'][] = 'user exists';
- if (in_array($vars['username'], $this->illegal_names))
- $vars['errors'] = 'illegal name';
+ if (in_array($vars['username'], self::$illegal_names))
+ $vars['errors'][] = 'illegal name';
$matches = ($vars['password1'] == $vars['password2']);
- if (!$matches)
- $vars['errors'] = 'pw mixmatch';
- if ($matches && $password2 == '')
- $vars['errors'] = 'no pw';
-
+ if (!$matches) {
+ $vars['errors'][] = 'pw mixmatch';
+ }
+ if ($matches && $vars['password2'] == '') {
+ $vars['errors'][] = 'no pw';
+ }
+
if (count($vars['errors']) > 0) {
$this->new_user($routed, $vars);
} else {
@@ -155,7 +158,7 @@ class Users extends Controller {
array('username'=>$username));
}
}
- }
+ }
/**
* This will parse POST (really, PUT) data to update a single user
diff --git a/src/lib/Database.class.php b/src/lib/Database.class.php
index b7e5bcd..07df993 100644
--- a/src/lib/Database.class.php
+++ b/src/lib/Database.class.php
@@ -114,7 +114,8 @@ class Database {
if (!is_int($uid)) return false;
$table = $this->mysql_table('auth');
- $hasher = $this->hasher();
+ global $mm;
+ $hasher = $mm->hasher();
@$hash = $hasher->HashPassword($password);
$query =
"UPDATE $table \n".
@@ -129,9 +130,11 @@ class Database {
return false;
}
+ global $mm;
+
$table = $this->mysql_table('auth');
$user = $this->mysql_escape($username);
- $hasher = $this->hasher();
+ $hasher = $mm->hasher();
@$hash = $hasher->HashPassword($password);
$status = 0;
$query =
diff --git a/src/views/pages/users/new.html.php b/src/views/pages/users/new.html.php
index f2dacb5..6b78b5e 100644
--- a/src/views/pages/users/new.html.php
+++ b/src/views/pages/users/new.html.php
@@ -16,10 +16,10 @@ if (in_array('user exists', $VARS['errors'])) {
$t->inputText('auth_name','Username',
"This is the name you use to log in, but it is also a ".
"short name that is used in various places, think of it ".
- "as a sort of <q>Twitter name</q>.",'',$VARS['username']);
+ "as a sort of <q>Twitter name</q>.",$VARS['username']);
@$password = $VARS['password1'];
-if ($in_array('pw mixmatch', $VARS['errors'])) {
+if (in_array('pw mixmatch', $VARS['errors'])) {
$t->inputP("The passwords didn't match.", true);
$password = '';
}