From 65b00240d3f5bc424f1f352e8d82b94635323d0f Mon Sep 17 00:00:00 2001 From: Evgeny Gryaznov Date: Fri, 15 Apr 2011 01:24:33 +0200 Subject: [PATCH] redirect to profile page after first login; informational banner when password is blank; do not enforce password change; rename Home -> Dashboard --- src/messenger/webim/libs/operator.php | 17 ----------------- src/messenger/webim/locales/de/properties | 1 - src/messenger/webim/locales/en/properties | 7 ++++--- src/messenger/webim/operator/canned.php | 2 -- src/messenger/webim/operator/getcode.php | 2 -- src/messenger/webim/operator/history.php | 2 -- src/messenger/webim/operator/index.php | 3 ++- src/messenger/webim/operator/login.php | 8 +++++--- src/messenger/webim/operator/operator.php | 18 +++++++++++------- src/messenger/webim/operator/operators.php | 2 -- src/messenger/webim/operator/settings.php | 1 - src/messenger/webim/operator/statistics.php | 1 - src/messenger/webim/operator/translate.php | 2 -- src/messenger/webim/operator/updates.php | 1 - src/messenger/webim/operator/users.php | 1 - src/messenger/webim/view/agent.php | 13 +++++++++---- src/messenger/webim/view/menu.php | 8 ++++++-- 17 files changed, 37 insertions(+), 52 deletions(-) diff --git a/src/messenger/webim/libs/operator.php b/src/messenger/webim/libs/operator.php index ecfed251..4f4f3240 100755 --- a/src/messenger/webim/libs/operator.php +++ b/src/messenger/webim/libs/operator.php @@ -116,12 +116,6 @@ function update_operator($operatorid, $login, $email, $password, $localename, $c perform_query($query, $link); mysql_close($link); - // update the session password - if (isset($password)) - { - $_SESSION[$mysqlprefix.'operator']['vcpassword']=md5($password); - } - } function update_operator_avatar($operatorid, $avatar) @@ -241,17 +235,6 @@ function check_login($redirect = true) return $_SESSION["${mysqlprefix}operator"]; } -// Force the admin to set a password after the installation -function force_password($operator) -{ - global $webimroot; - if($operator['vcpassword']==md5('')) - { - header("Location: $webimroot/operator/operator.php?op=1"); - exit; - } -} - function get_logged_in() { global $mysqlprefix; diff --git a/src/messenger/webim/locales/de/properties b/src/messenger/webim/locales/de/properties index 0f395517..8b3d807e 100644 --- a/src/messenger/webim/locales/de/properties +++ b/src/messenger/webim/locales/de/properties @@ -212,7 +212,6 @@ menu.translate=Regionalisieren menu.updates.content=Auf Nachrichten und Updates prüfen. menu.updates=Updates my_settings.error.password_match=Die Passwörter stimmen nicht überein -my_settings.error.no_password=Es ist noch kein Passwort für den Administrator gesetzt no_such_operator=Kein solcher Operator operator.group.no_description=<keine Beschreibung> operator.groups.intro=Wähle Gruppen nach Operator Qualifikation. diff --git a/src/messenger/webim/locales/en/properties b/src/messenger/webim/locales/en/properties index 878a2c47..ac17bf17 100644 --- a/src/messenger/webim/locales/en/properties +++ b/src/messenger/webim/locales/en/properties @@ -122,6 +122,8 @@ errors.prefix=
  • errors.required=Please fill "{0}". errors.suffix=
    • errors.wrong_field=Please fill "{0}" correctly. +error.no_password=This is your first time logging in and your password is blank. For security reasons you have to change it. +error.no_password.visit_profile=Visit your Profile Page. features.saved=Features activated form.field.address.description=Ex: 12.23.45.123 or todo.com form.field.address=Visitor's Address @@ -236,7 +238,6 @@ menu.profile=Profile menu.translate=Localize menu.updates.content=Check for news and updates. menu.updates=Updates -my_settings.error.no_password=No Password set for the Administrator my_settings.error.password_match=Entered passwords do not match no_such_operator=No such operator operator.group.no_description=<no description> @@ -495,9 +496,9 @@ time.never=Never time.timeformat=%I:%M %p time.today.at=Today at time.yesterday.at=Yesterday at -topMenu.admin=Home +topMenu.admin=Dashboard topMenu.logoff=Exit -topMenu.main=Home +topMenu.main=Dashboard topMenu.users.nomenu=without menu topMenu.users=Visitors translate.direction=Direction: diff --git a/src/messenger/webim/operator/canned.php b/src/messenger/webim/operator/canned.php index c665ddf0..9d9f7886 100644 --- a/src/messenger/webim/operator/canned.php +++ b/src/messenger/webim/operator/canned.php @@ -26,8 +26,6 @@ require_once('../libs/groups.php'); require_once('../libs/pagination.php'); $operator = check_login(); -force_password($operator); - loadsettings(); $errors = array(); diff --git a/src/messenger/webim/operator/getcode.php b/src/messenger/webim/operator/getcode.php index c8dc3c14..1c738f9e 100644 --- a/src/messenger/webim/operator/getcode.php +++ b/src/messenger/webim/operator/getcode.php @@ -25,8 +25,6 @@ require_once('../libs/groups.php'); require_once('../libs/getcode.php'); $operator = check_login(); -force_password($operator); - loadsettings(); $imageLocales = get_image_locales_map("../locales"); diff --git a/src/messenger/webim/operator/history.php b/src/messenger/webim/operator/history.php index 015ce66d..0f0e6b8b 100644 --- a/src/messenger/webim/operator/history.php +++ b/src/messenger/webim/operator/history.php @@ -26,8 +26,6 @@ require_once('../libs/userinfo.php'); require_once('../libs/pagination.php'); $operator = check_login(); -force_password($operator); - loadsettings(); setlocale(LC_TIME, getstring("time.locale")); diff --git a/src/messenger/webim/operator/index.php b/src/messenger/webim/operator/index.php index adbbfba0..b4af107c 100644 --- a/src/messenger/webim/operator/index.php +++ b/src/messenger/webim/operator/index.php @@ -23,7 +23,6 @@ require_once('../libs/common.php'); require_once('../libs/operator.php'); $operator = check_login(); -force_password($operator); $link = connect(); loadsettings_($link); @@ -34,6 +33,8 @@ $page = array( 'version' => $version, 'localeLinks' => get_locale_links("$webimroot/operator/index.php"), 'needUpdate' => $settings['dbversion'] != $dbversion, + 'needChangePassword' => $operator['vcpassword'] == md5(''), + 'profilePage' => "$webimroot/operator/operator.php?op=".$operator['operatorid'], 'updateWizard' => "$webimroot/install/", 'newFeatures' => $settings['featuresversion'] != $featuresversion, 'featuresPage' => "$webimroot/operator/features.php", diff --git a/src/messenger/webim/operator/login.php b/src/messenger/webim/operator/login.php index 88c31ff7..df202de5 100644 --- a/src/messenger/webim/operator/login.php +++ b/src/messenger/webim/operator/login.php @@ -33,9 +33,11 @@ if (isset($_POST['login']) && isset($_POST['password'])) { $operator = operator_by_login($login); if ($operator && isset($operator['vcpassword']) && $operator['vcpassword'] == md5($password)) { - $target = isset($_SESSION['backpath']) - ? $_SESSION['backpath'] - : "$webimroot/operator/index.php"; + $target = $password == '' + ? "$webimroot/operator/operator.php?op=" . $operator['operatorid'] + : (isset($_SESSION['backpath']) + ? $_SESSION['backpath'] + : "$webimroot/operator/index.php"); login_operator($operator, $remember); header("Location: $target"); diff --git a/src/messenger/webim/operator/operator.php b/src/messenger/webim/operator/operator.php index cf681141..00413716 100644 --- a/src/messenger/webim/operator/operator.php +++ b/src/messenger/webim/operator/operator.php @@ -77,6 +77,15 @@ if (isset($_POST['login']) && isset($_POST['password'])) { exit; } else { update_operator($opId, $login, $email, $password, $localname, $commonname); + // update the session password + if (isset($password) && $opId == $operator['operatorid']) { + $toDashboard = $operator['vcpassword'] == md5('') && $password != ''; + $_SESSION["${mysqlprefix}operator"]['vcpassword'] = md5($password); + if($toDashboard) { + header("Location: $webimroot/operator/index.php"); + exit; + } + } header("Location: $webimroot/operator/operator.php?op=$opId&stored"); exit; } @@ -96,12 +105,6 @@ if (isset($_POST['login']) && isset($_POST['password'])) { $errors[] = getlocal("no_such_operator"); $page['opid'] = topage($opId); } else { - //show an error if the admin password hasn't been set yet. - if ($operator['vcpassword']==md5('') && !isset($_GET['stored'])) - { - $errors[] = getlocal("my_settings.error.no_password"); - } - $page['formlogin'] = topage($op['vclogin']); $page['formname'] = topage($op['vclocalename']); $page['formemail'] = topage($op['vcemail']); @@ -119,9 +122,10 @@ $canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $page['stored'] = isset($_GET['stored']); $page['canmodify'] = $canmodify ? "1" : ""; +$page['needChangePassword'] = $operator['vcpassword'] == md5(''); prepare_menu($operator); setup_operator_settings_tabs($opId, 0); start_html_output(); require('../view/agent.php'); -?> \ No newline at end of file +?> diff --git a/src/messenger/webim/operator/operators.php b/src/messenger/webim/operator/operators.php index eeb01e37..b73d976f 100644 --- a/src/messenger/webim/operator/operators.php +++ b/src/messenger/webim/operator/operators.php @@ -23,8 +23,6 @@ require_once('../libs/common.php'); require_once('../libs/operator.php'); $operator = check_login(); -force_password($operator); - if (isset($_GET['act']) && $_GET['act'] == 'del') { $operatorid = isset($_GET['id']) ? $_GET['id'] : ""; diff --git a/src/messenger/webim/operator/settings.php b/src/messenger/webim/operator/settings.php index 894e8d6d..77025774 100644 --- a/src/messenger/webim/operator/settings.php +++ b/src/messenger/webim/operator/settings.php @@ -24,7 +24,6 @@ require_once('../libs/operator.php'); require_once('../libs/settings.php'); $operator = check_login(); -force_password($operator); $page = array('agentId' => ''); $errors = array(); diff --git a/src/messenger/webim/operator/statistics.php b/src/messenger/webim/operator/statistics.php index dc5b0af2..f2c1add5 100644 --- a/src/messenger/webim/operator/statistics.php +++ b/src/messenger/webim/operator/statistics.php @@ -24,7 +24,6 @@ require_once('../libs/chat.php'); require_once('../libs/operator.php'); $operator = check_login(); -force_password($operator); setlocale(LC_TIME, getstring("time.locale")); diff --git a/src/messenger/webim/operator/translate.php b/src/messenger/webim/operator/translate.php index 575d6eb7..5e271ce6 100644 --- a/src/messenger/webim/operator/translate.php +++ b/src/messenger/webim/operator/translate.php @@ -119,8 +119,6 @@ function get_auxiliary($s) } $operator = check_login(); -force_password($operator); - $source = verifyparam("source", "/^[\w-]{2,5}$/", $default_locale); $target = verifyparam("target", "/^[\w-]{2,5}$/", $current_locale); diff --git a/src/messenger/webim/operator/updates.php b/src/messenger/webim/operator/updates.php index 63455e0c..d36f8f12 100644 --- a/src/messenger/webim/operator/updates.php +++ b/src/messenger/webim/operator/updates.php @@ -24,7 +24,6 @@ require_once('../libs/operator.php'); require_once('../libs/settings.php'); $operator = check_login(); -force_password($operator); $default_extensions = array('mysql', 'gd', 'iconv'); diff --git a/src/messenger/webim/operator/users.php b/src/messenger/webim/operator/users.php index d69d7528..41983f42 100644 --- a/src/messenger/webim/operator/users.php +++ b/src/messenger/webim/operator/users.php @@ -24,7 +24,6 @@ require_once('../libs/operator.php'); require_once('../libs/groups.php'); $operator = check_login(); -force_password($operator); $status = isset($_GET['away']) ? 1 : 0; diff --git a/src/messenger/webim/view/agent.php b/src/messenger/webim/view/agent.php index 056d0aea..23912f81 100644 --- a/src/messenger/webim/view/agent.php +++ b/src/messenger/webim/view/agent.php @@ -39,15 +39,20 @@ function tpl_content() { global $page, $webimroot, $errors; - + +
    +
    +
    + +
    - +
    @@ -70,7 +75,7 @@ require_once('inc_errors.php');
    -
    *
    +
    *
    />
    @@ -79,7 +84,7 @@ require_once('inc_errors.php');
    -
    *
    +
    *
    />
    diff --git a/src/messenger/webim/view/menu.php b/src/messenger/webim/view/menu.php index f907b794..3441ed47 100644 --- a/src/messenger/webim/view/menu.php +++ b/src/messenger/webim/view/menu.php @@ -41,8 +41,12 @@ function menuseparator() { function tpl_content() { global $page, $webimroot, $current_locale, $menuItemsCount, $version; ?> -
    - +
    + + +
    +
    +