diff --git a/TODO b/TODO
index 4d63d71..8ddf7b7 100755
--- a/TODO
+++ b/TODO
@@ -1,7 +1,5 @@
 Issues :
 ========
-* Regenerate token
-* Global paybacks
 * Test fr
 * Paybacks and user deletion
 * Minify CSS / JS
diff --git a/index.php b/index.php
index c75dd49..6e30e8c 100644
--- a/index.php
+++ b/index.php
@@ -259,19 +259,24 @@
 $user_id = $current_user->getId();
 }
- if(check_token(600, 'password')) {
+ if(check_token(600, 'password') || check_token(600, 'edit_users')) {
 $user = new User();
 $user = $user->load(array('id'=>$user_id), true);
 $user->newJsonToken();
 $user->save();
 $_SESSION['current_user'] = $user->sessionStore();
- header('location: index.php?do=password&'.$get_redir);
+ if(!empty($_GET['user_id']))
+ header('location: index.php?do=edit_users&user_id='.$user_id);
+ else
+ header('location: index.php?do=password&'.$get_redir);
 exit();
 }
 else {
 $tpl->assign('error', $errors['token_error'][LANG]);
+ $tpl->assign('block_error', true);
 $tpl->draw('index');
+ exit();
 }
 break;
@@ -330,7 +335,9 @@
 }
 else {
 $tpl->assign('error', $errors['token_error'][LANG]);
+ $tpl->assign('block_error', 'true');
 $tpl->draw('index');
+ exit();
 }
 }
 break;
@@ -544,12 +551,16 @@
 }
 else {
 $tpl->assign('error', $errors['unauthorized'][LANG]);
+ $tpl->assign('block_error', true);
 $tpl->draw('index');
+ exit();
 }
 }
 else {
 $tpl->assign('error', $errors['token_error'][LANG]);
+ $tpl->assign('block_error', true);
 $tpl->draw('index');
+ exit();
 }
 }
 else {
@@ -598,13 +609,17 @@
 }
 else {
 $tpl->assign('error', $errors['token_error'][LANG]);
+ $tpl->assign('block_error', true);
 $tpl->draw('index');
+ exit();
 }
 }
 else {
 $tpl->assign('error', $errors['unauthorized'][LANG]);
+ $tpl->assign('block_error', true);
 $tpl->draw('index');
+ exit();
 }
 }
 else {
@@ -635,7 +650,9 @@
 }
 else {
 $tpl->assign('error', $errors['token_error'][LANG]);
+ $tpl->assign('block_error', true);
 $tpl->draw('index');
+ exit();
 }
 }
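Review bot: In the `@@ -259` hunk the unchanged line `$_SESSION['current_user'] = $user->sessionStore();` still runs on the new `edit_users` path, so regenerating another account's token would replace the caller's session with the user loaded for `$user_id`. How `$user_id` is chosen lies above the hunk, so this is inferred from the new redirect to `do=edit_users&user_id=`; if it can differ from the logged-in user, guard the assignment with `if($user_id == $current_user->getId())`. The redirect also concatenates `$user_id` into the `location` header, and if that value originates from the request, writing `(int) $user_id` there keeps it from carrying extra parameters. The enclosing `case` starts before the hunk.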
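Review bot: The `@@ -330` hunk assigns the string `'true'` to `block_error`, where every other hunk in this commit assigns the boolean `true`. The header template only tests `!empty($block_error) && $block_error`, so both values behave the same today, but a string flag stays truthy even if someone later writes `'false'`. Use `$tpl->assign('block_error', true);` here as well.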
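Review bot: The error exit added twice in the `@@ -544` hunk (assign `error`, assign `block_error`, draw `index`, `exit()`) is copied by hand into the `-259`, `-330`, `-598`, `-635`, `-705`, `-789` and `-918` hunks as well, and the copies have already drifted (`'true'` versus `true`). Since these branches are the rejection paths for failed token and authorisation checks, a single helper would keep a future branch from omitting the `exit()`. The helper name below is only a suggestion, and the surrounding branches start and end outside the hunk.

```php
// Suggested helper, defined once before the request dispatch in index.php
function draw_blocking_error($tpl, $message) {
    $tpl->assign('error', $message);
    $tpl->assign('block_error', true);
    $tpl->draw('index');
    exit();
}

// … unchanged: token and authorisation checks …
else {
    draw_blocking_error($tpl, $errors['unauthorized'][LANG]);
}
```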
@@ -705,7 +722,9 @@
 }
 else {
 $tpl->assign('error', $errors['token_error'][LANG]);
+ $tpl->assign('block_error', true);
 $tpl->draw('index');
+ exit();
 }
 }
@@ -747,7 +766,7 @@
 $tpl->assign('list', true);
 $tpl->assign('global_paybacks', $global_paybacks);
- $tpl->assign('payback', generate_token('global_payback'));
+ $tpl->assign('token', generate_token('global_payback'));
 $tpl->draw('see_paybacks');
 break;
@@ -789,7 +808,9 @@
 }
 else {
 $tpl->assign('error', $errors['token_error'][LANG]);
+ $tpl->assign('block_error', true);
 $tpl->draw('index');
+ exit();
 }
 }
 else {
@@ -815,7 +836,7 @@
 $tpl->assign('global_paybacks', $global_paybacks);
 }
 else {
- if(!empty($_POST['users_in'])) {
+ if(!empty($_POST['users_in']) && count($_POST['users_in']) > 1) {
 if(check_token(600, 'global_payback')) {
 $global_payback = new GlobalPayback();
@@ -918,7 +939,9 @@
 }
 else {
 $tpl->assign('error', $errors['token_error'][LANG]);
+ $tpl->assign('block_error', true);
 $tpl->draw('index');
+ exit();
 }
 }
@@ -927,7 +950,7 @@
 $tpl->assign('users', $users_list);
 }
- $tpl->assign('payback', generate_token('global_payback'));
+ $tpl->assign('token', generate_token('global_payback'));
 $tpl->draw('manage_paybacks');
 break;
diff --git a/tpl/default_en/edit_users.html b/tpl/default_en/edit_users.html
index 923f537..6a1637c 100644
--- a/tpl/default_en/edit_users.html
+++ b/tpl/default_en/edit_users.html
@@ -52,7 +52,7 @@ {if condition="$user_id != -1"}
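Review bot: In the `@@ -815` hunk `count($_POST['users_in'])` runs on request data that is only known to be non-empty. If the field arrives as a plain string instead of an array, `count()` emits a warning on PHP 7.2+ and throws a `TypeError` on PHP 8. Check the type first: `if(!empty($_POST['users_in']) && is_array($_POST['users_in']) && count($_POST['users_in']) > 1) {`. As far as the hunk shows, a submission with a single user now skips this branch without any message; the matching `else`, if there is one, lies outside the hunk.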

Personal token for this user

-

The personal token for this user to be used with the API is : {$user_data->getJsonToken()}.
If you think it might be compromised, you can generate a new one.

+

The personal token for this user to be used with the API is : {$user_data->getJsonToken()}.
If you think it might be compromised, you can generate a new one.

{/if} {elseif condition="$view == 'password'"} @@ -64,6 +64,6 @@

Your personal token to use the API

-

Your personal token to use the API is : {$json_token}.
If you think it might be compromised, you can generate a new one.

+

Your personal token to use the API is : {$json_token}.
If you think it might be compromised, you can generate a new one.

{/if} {include="footer"} diff --git a/tpl/default_en/header.html b/tpl/default_en/header.html index 341bcd3..c8a2ea6 100755 --- a/tpl/default_en/header.html +++ b/tpl/default_en/header.html @@ -31,4 +31,5 @@ {/if} {/if} -{if condition="!empty($error)"}

{$error}

{/if} +{if condition="!empty($error)"}

{$error}

+{if condition="!empty($block_error) && $block_error"}

Go back to previous page

{function="exit();"}{/if}{/if} diff --git a/tpl/default_en/see_paybacks.html b/tpl/default_en/see_paybacks.html index 52d9033..abdb74b 100644 --- a/tpl/default_en/see_paybacks.html +++ b/tpl/default_en/see_paybacks.html @@ -7,7 +7,7 @@ {loop="$global_paybacks"}
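Review bot: `{function="exit();"}` in the header ends the request while the page is only partly rendered, so the footer is presumably never emitted and the `exit();` lines added after `$tpl->draw('index')` in index.php are not reached on this path. Stopping a rejected request therefore depends on each theme carrying this line; a theme without it would draw the full index page after a failed token check and rely on the PHP-side `exit()` alone. If the footer has no content that should stay hidden, `{include="footer"}{function="exit();"}` would at least close the document first. The same block is added to `tpl/default_fr/header.html`, where the link text "Go back to previous page" is left in English.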
{$value->getDate()}
- {if condition="$value->getClosed() !== false"} + {if condition="$value->getClosed() === false"} Payback n°{$value->getId()} {else} [Closed] Payback n°{$value->getId()} diff --git a/tpl/default_fr/edit_users.html b/tpl/default_fr/edit_users.html index ad2f7fd..908de54 100644 --- a/tpl/default_fr/edit_users.html +++ b/tpl/default_fr/edit_users.html @@ -52,7 +52,7 @@ {if condition="$user_id != -1"}

Jeton d'identification pour l'utilisateur

-

Le jeton personnel d'identification à utiliser pour la connection à l'API est : {$user_data->getJsonToken()}.
Si vous pensez qu'il a pu être compromis, vous pouvez en générer un nouveau.

+

Le jeton personnel d'identification à utiliser pour la connection à l'API est : {$user_data->getJsonToken()}.
Si vous pensez qu'il a pu être compromis, vous pouvez en générer un nouveau.

{/if} {elseif condition="$view == 'password'"} diff --git a/tpl/default_fr/header.html b/tpl/default_fr/header.html index ee50208..5ebf528 100755 --- a/tpl/default_fr/header.html +++ b/tpl/default_fr/header.html @@ -31,4 +31,6 @@ {/if} {/if} -{if condition="!empty($error)"}

{$error}

{/if} +{if condition="!empty($error)"}

{$error}

+{if condition="!empty($block_error) && $block_error"}

Go back to previous page

{function="exit();"}{/if}{/if} + diff --git a/tpl/default_fr/see_paybacks.html b/tpl/default_fr/see_paybacks.html index 64a3cfd..32969dc 100644 --- a/tpl/default_fr/see_paybacks.html +++ b/tpl/default_fr/see_paybacks.html @@ -7,7 +7,7 @@ {loop="$global_paybacks"}
{$value->getDate()}
- {if condition="$value->getClosed() !== false"} + {if condition="$value->getClosed() === false"} Remboursement n°{$value->getId()} {else} [Terminé] Remboursement n°{$value->getId()}