&& read -r UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE <<-EOF
$(grep "^${user_id} " "$user_db")
EOF
- if [ "$STATUS" = active -a "$EXPIRE" -gt "$_DATE" ]; then
+ [ "$STATUS" -a "$EXPIRE" ] \
+ && if [ "$STATUS" = active -a "$EXPIRE" -gt "$_DATE" ]; then
USER_ID="$UID"
USER_NAME="$(UNSTRING "$UNAME")"
USER_EMAIL="$(UNSTRING "$EMAIL")"
}
user_checkname(){
- { [ $# -gt 0 ] && printf %s "$*" || cat } \
+ { [ $# -gt 0 ] && printf %s "$*" || cat; } \
| sed -nE '
:X; $!{N;bX;}
s;[ \t\r\n]+; ;g;
}
user_checkemail(){
- { [ $# -gt 0 ] && printf %s "$*" || cat } \
+ { [ $# -gt 0 ] && printf %s "$*" || cat; } \
| sed -nE '
# W3C recommended email regex
# https://html.spec.whatwg.org/multipage/input.html#email-state-(type=email)
user_nameexist(){
local uname="$(STRING "$1")"
local UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE
- while read -r UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE; do
+ [ -f "$user_db" -a -r "$user_db" ] \
+ && while read -r UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE; do
[ "$EXPIRE" -gt "$_DATE" -a "$UNAME" = "$uname" ] && return 0
done <"$user_db"
return 1
user_emailexist(){
local email="$(STRING "$1")"
local UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE
- while read -r UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE; do
+ [ -f "$user_db" -a -r "$user_db" ] \
+ && while read -r UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE; do
[ "$EXPIRE" -gt "$_DATE" -a "$EMAIL" = "$email" ] && return 0
done <"$user_db"
return 1
user_pwhash(){
local salt="$1" secret="$2" hash
hash="$(printf '%s\n%s\n' "$secret" "$salt" |sha256sum)"
- printf '%s\n' "${hash% *}"
+ printf '%s\n' "${hash%% *}"
}
user_register(){
REDIRECT "${_BASE}${PATH_INFO}#ERROR_USER_NOLOCK"
fi
- elif [ "$USER_REQUIREEMAIL" != true ] then
+ elif [ "$USER_REQUIREEMAIL" != true ]; then
if [ ! "$uname" ]; then
REDIRECT "${_BASE}${PATH_INFO}#ERROR_UNAME_INVALID"
elif user_nameexist "$uname"; then
local UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE
local uname="$(POST uname |STRING)" pw="$(POST pw)"
- while read -r UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE; do
+ [ -f "$user_db" -a -r "$user_db" ] \
+ && while read -r UID UNAME STATUS EMAIL PWSALT PWHASH EXPIRE DEVICES FUTUREUSE; do
if [ "$UNAME" = "$uname" -o "$EMAIL" = "$uname" ]; then
if [ "$STATUS" = active -a "$EXPIRE" -gt "$_DATE" -a "$PWHASH" = "$(user_pwhash "$PWSALT" "$pw")" ]; then
SESSION_COOKIE new
user_update(){
# passphrase, email
+ :
}
user_recover(){
# send recover link
+ :
}
user_disable(){
+ :
}
user_init
cat <<-EOF
[form #user_register .registername method=POST
[input name=uname placeholder="Choose Username" tooltip="Your username may contain any character but the @ sign. It must be at least 3 characters long, and it must start with a letter." pattern="^\[a-zA-Z\]\[a-zA-Z0-9 -~\]{2,127}$" autocomplete=off]
- [input type=pw placeholder="Choose Passphrase" pattern=".{4,}"]
- [input type=pwconfirm placeholder="Confirm Passphrase" pattern=".{4,}"]
+ [input type=password name=pw placeholder="Choose Passphrase" pattern=".{6,}"]
+ [input type=password name=pwconfirm placeholder="Confirm Passphrase" pattern=".{6,}"]
[submit "action" "user_register" Sign Up]
]
EOF
[input type=hidden name=signature value="${signature}"]
[input disabled=disabled value="$(HTML "$EMAIL")"]
[input name=uname placeholder="Choose Username" tooltip="Your username may contain any character but the @ sign. It must be at least 3 characters long, and it must start with a letter." pattern="^\[a-zA-Z\]\[a-zA-Z0-9 -~\]{2,127}$" autocomplete=off]
- [input type=pw placeholder="Choose Passphrase" pattern=".{4,}"]
- [input type=pwconfirm placeholder="Confirm Passphrase" pattern=".{4,}"]
+ [input type=password name=pw placeholder="Choose Passphrase" pattern=".{6,}"]
+ [input type=password name=pwconfirm placeholder="Confirm Passphrase" pattern=".{6,}"]
[submit "action" "user_confirm" Finish Registration]
]
EOF
projects / cgilite / commitdiff