fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-22 05:15:29 +09:00
Code Issues Projects Releases Packages Wiki Activity

Misc fixes to password change routine

Browse source
This commit is contained in:
Kijin Sung 2023-11-28 23:24:09 +09:00
parent c887d8a84d
commit 24c2cecc9b
1 changed files with 17 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

24
modules/member/member.controller.php
View file

@ -1179,15 +1179,15 @@ class MemberController extends Member
// Get information of logged-in user // Get information of logged-in user
if ($is_password_reset) if ($is_password_reset)
{ {
$member_srl = $this->user->member_srl; $member_srl = $vars->member_srl;
} }
else else
{ {
$member_srl = $vars->member_srl; $member_srl = $this->user->member_srl;
} }
$member_info = MemberModel::getMemberInfoByMemberSrl($member_srl); $member_info = MemberModel::getMemberInfoByMemberSrl($member_srl);
// Verify the cuttent password // Verify the current password
if (!$is_password_reset) if (!$is_password_reset)
{ {
if (!MemberModel::isValidPassword($member_info->password, $current_password, $member_srl)) if (!MemberModel::isValidPassword($member_info->password, $current_password, $member_srl))
@ -1213,16 +1213,26 @@ class MemberController extends Member
} }
// Log out all other sessions. // Log out all other sessions.
$member_config = ModuleModel::getModuleConfig('member'); if ($config->password_change_invalidate_other_sessions === 'Y')
if ($member_config->password_change_invalidate_other_sessions === 'Y')
{ {
Rhymix\Framework\Session::destroyOtherSessions($member_srl); Rhymix\Framework\Session::destroyOtherSessions($member_srl);
} }
$this->add('member_srl', $args->member_srl); $this->add('member_srl', $member_srl);
$this->setMessage('success_updated'); $this->setMessage('success_updated');
$returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', 'dispMemberInfo'); if (Context::get('success_return_url'))
{
$returnUrl = Context::get('success_return_url');
}
elseif ($is_password_reset)
{
$returnUrl = getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', 'dispMemberLoginForm');
}
else
{
$returnUrl = getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', 'dispMemberInfo');
}
$this->setRedirectUrl($returnUrl); $this->setRedirectUrl($returnUrl);
} }