#!/bin/sh
+# Copyright 2021 - 2024 Paul Hänsch
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+# SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
+# IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
[ -n "$include_users" ] && return 0
include_users="$0"
-. "${_EXEC}/cgilite/session.sh"
-. "${_EXEC}/cgilite/storage.sh"
+. "${_EXEC:-.}/cgilite/session.sh"
+. "${_EXEC:-.}/cgilite/storage.sh"
SENDMAIL=${SENDMAIL-sendmail}
USER_ACCOUNTEXPIRE="${USER_ACCOUNTEXPIRE:-$((86400 * 730))}"
USER_CONFIRMEXPIRE="${USER_CONFIRMEXPIRE:-86400}"
-MAILFROM="${MAILDOMAIN-noreply@${HTTP_HOST%:*}}"
-
HTTP_HOST="$(HEADER Host)"
+MAILFROM="noreply@${HTTP_HOST%:*}"
[ "$HTTPS" ] && SCHEMA=https || SCHEMA=http
fi
if [ "$USER_REQUIREEMAIL" = true ]; then
- if [ ! "email" ]; then
+ if [ ! "$email" ]; then
REDIRECT "${_BASE}${PATH_INFO}#ERROR_EMAIL_INVALID"
elif user_emailexist "$email"; then
REDIRECT "${_BASE}${PATH_INFO}#ERROR_EMAIL_EXISTS"
local email="$(POST email |user_checkemail)"
local message="$(POST message)"
- if [ ! "email" ]; then
+ if [ ! "$email" ]; then
REDIRECT "${_BASE}${PATH_INFO}#ERROR_EMAIL_INVALID"
elif user_emailexist "$email"; then
REDIRECT "${_BASE}${PATH_INFO}#ERROR_EMAIL_EXISTS"
uid="$(POST uid)"
oldpw="$(POST oldpw)"
- pw="$(POST pw |grep -xE '.{6}')"
+ pw="$(POST pw |grep -m1 -xE '.{6,}')"
pwconfirm="$(POST pwconfirm)"
update_user "${uid}" password="$pw"
REDIRECT "${_BASE}${PATH_INFO}#UPDATE_SUCCESS"
else
- REDIRECT "${_BASE}${PATH_INFO}#ERROR_PWMISMATCH"
+ REDIRECT "${_BASE}${PATH_INFO}#ERROR_PW_MISMATCH"
fi
elif [ "$UID_" = "$USER_ID" ]; then
REDIRECT "${_BASE}${PATH_INFO}#ERROR_INVALID_AUTH_PASSWORD"
if [ "$(GET user_confirm)" ]; then
w_user_confirm
- elif [ "$USER_ID" -a "$SENDMAIL" ]; then
+ elif [ "$USER_ID" -a "$USER_REQUIREEMAIL" = true ]; then
w_user_invite_email
elif [ "$USER_ID" ]; then
uid="$(timeid)"
w_user_login_logon(){ # TRANSLATION
cat <<-EOF
[form #user_login .login method=POST
- [input name=uname placeholder="Username or Email" autocomplete=off]
+ [input name=uname placeholder="Username or Email"]
[input type=password name=pw placeholder="Passphrase"]
[submit "action" "user_login" Login]
]