auth/username auth/unregister: password confirmation

This commit is contained in:
Miraty 2023-03-09 14:23:28 +01:00
parent abb9aabf5b
commit ca0759c8ab
4 changed files with 14 additions and 2 deletions

View File

@ -1,5 +1,8 @@
<?php
if (checkPassword($_SESSION['id'], $_POST['current-password']) !== true)
output(403, _('Wrong current password.'));
if (!isset($_POST['delete']))
output(403, _('Account deletion must be confirmed.'));

View File

@ -2,6 +2,9 @@
checkUsernameFormat($_POST['new-username']);
if (checkPassword($_SESSION['id'], $_POST['current-password']) !== true)
output(403, _('Wrong current password.'));
$username = hashUsername($_POST['new-username']);
if (usernameExists($username) !== false)

View File

@ -3,8 +3,11 @@
</p>
<form method="post">
<label for="current-password"><?= _('Current password') ?></label><br>
<input required="" autocomplete="current-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="current-password" name="current-password" type="password" placeholder="<?= PLACEHOLDER_PASSWORD ?>"><br>
<input type="checkbox" name="delete" id="delete" required="">
<label for="delete"><?= _('Delete the current account and everything related (required)') ?></label>
<br>
<label for="delete"><?= _('Delete the current account and everything related (required)') ?></label><br>
<input type="submit" value="<?= _('Delete') ?>">
</form>

View File

@ -1,4 +1,7 @@
<form method="post">
<label for="current-password"><?= _('Current password') ?></label><br>
<input required="" autocomplete="current-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="current-password" name="current-password" type="password" placeholder="<?= PLACEHOLDER_PASSWORD ?>"><br>
<label for="new-username"><?= _('New username') ?></label><br>
<input required="" autocomplete="username" minlength="1" maxlength="1024" pattern="<?= USERNAME_REGEX ?>" id="new-username" name="new-username" type="text" placeholder="<?= PLACEHOLDER_USERNAME ?>"><br>