diff --git a/assets/php/common/user_dao.php b/assets/php/common/user_dao.php
index f4acf1a..127fe2f 100644
--- a/assets/php/common/user_dao.php
+++ b/assets/php/common/user_dao.php
@@ -43,6 +43,7 @@
$resul->free();
return $users;
}
+
//Create a new User.
public function createUser($id, $username, $email, $password, $rol){
$password = $this->encryptPass($password);
@@ -51,7 +52,7 @@
VALUES ( '%s', '%s', '%s', '%s', '%s')",
$id, $username, $email, $password, $rol );
- $resul = mysqli_query($this->mysqli, $sql) /*or die ('Error into query database')*/;
+ $resul = mysqli_query($this->mysqli, $sql);
return $resul;
}
@@ -59,9 +60,10 @@
//Returns a query to check if the user name exists.
public function selectUser($username, $password){
$username = $this->mysqli->real_escape_string($username);
+ $password = $this->mysqli->real_escape_string($password);
$sql = sprintf( "SELECT * FROM users WHERE username = '%s'", $username );
- $resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
+ $resul = mysqli_query($this->mysqli, $sql);
$resul->data_seek(0);
while ($fila = $resul->fetch_assoc()) {
@@ -76,19 +78,6 @@
return $user;
}
- //Returns a query to check if the user pass matches.
- public function selectPass($username, $password){
- $username = $this->mysqli->real_escape_string($username);
- $password = $this->mysqli->real_escape_string($password);
- $password = $this->encryptPass($password);
-
- $sql = sprintf( "SELECT * FROM users WHERE username = '%s' AND passwd = '%s'", $username, $password);
- $resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
-
- //return $this->mysqli->query($sql);
- return $resul;
- }
-
//Returns a query to get the user's data.
public function userData($id){
$sql = sprintf( "SELECT * FROM users WHERE id = '%d'", $id );
@@ -109,6 +98,19 @@
}
+ //Change userpass by id.
+ public function changeUserPass($id, $password){
+ $id = $this->mysqli->real_escape_string($id);
+ $password = $this->mysqli->real_escape_string($password);
+ $password = $this->encryptPass($password);
+
+ $sql = sprintf( "UPDATE users SET passwd = '%s' WHERE id = '%d'", $password, $id );
+ $resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
+
+ return $resul;
+
+ }
+
//Create a new User Data Transfer Object.
public function loadUser($id, $username, $email, $password, $rol){
return new User($id, $username, $email, $password, $rol);
diff --git a/panel_user/includes/formChangeEmail.php b/panel_user/includes/formChangeEmail.php
index 5a0d523..d40de4f 100644
--- a/panel_user/includes/formChangeEmail.php
+++ b/panel_user/includes/formChangeEmail.php
@@ -23,15 +23,9 @@ class FormChangeEmail extends Form {
$html = '
'.$htmlErroresGlobales.'
@@ -53,7 +47,7 @@ class FormChangeEmail extends Form {
$password = $datos['pass'] ?? null;
if ( empty($password) || mb_strlen($password) < 4 ) {
- $result['pass'] = "El password tiene que tener una longitud de al menos 4 caracteres.";
+ $result['pass'] = "El password tiene que tener\n una longitud de al menos\n 4 caracteres.";
}
$password2 = $datos['repass'] ?? null;
if ( empty($password2) || strcmp($password, $password2) !== 0 ) {
diff --git a/panel_user/includes/formChangeName.php b/panel_user/includes/formChangeName.php
index c4dff9f..94fca63 100644
--- a/panel_user/includes/formChangeName.php
+++ b/panel_user/includes/formChangeName.php
@@ -40,8 +40,8 @@ class FormChangeName extends Form {
$nombre = $datos['new_name'] ?? null;
$nombre = strtolower($nombre);
- if ( empty($nombre) || mb_strlen($nombre) < 3 ) {
- $result['new_name'] = "El nombre tiene que tener\n una longitud de al menos\n 3 caracteres.";
+ if ( empty($nombre) || mb_strlen($nombre) < 3 || mb_strlen($nombre) > 8 ) {
+ $result['new_name'] = "El nombre tiene que tener\n una longitud de al menos\n 3 caracteres\n y menos de 8 caracteres.";
}
$password = $datos['pass'] ?? null;
@@ -57,13 +57,14 @@ class FormChangeName extends Form {
$bd = new UserDAO("complucine");
$user = $bd->selectUser(unserialize($_SESSION['user'])->getName(), $password);
if (!$user) {
- $result[] = "Ha ocurrido un problema al actualizar el nombre de usuario.";
+ $result[] = "Ha ocurrido un problema\nal actualizar el nombre de usuario.";
$_SESSION['message'] = "
Ha ocurrido un probrema
-
No hemos podido actualizar su nombre de usuario.
+
No hemos podido actualizar su nombre de usuario,
+ revisa que la contraseña introducida sea correcta.
@@ -72,7 +73,7 @@ class FormChangeName extends Form {
";
} else {
$user = $bd->selectUser($nombre, $password);
- if (!$user){
+ if ($user){
$result[] = "El nombre de usuario ya existe.";
} else {
$bd->changeUserName(unserialize($_SESSION['user'])->getId(), $nombre);
@@ -102,4 +103,4 @@ class FormChangeName extends Form {
return htmlspecialchars(trim(strip_tags($input)));
}
}
-?>
+?>
\ No newline at end of file
diff --git a/panel_user/includes/formChangePass.php b/panel_user/includes/formChangePass.php
index b99209a..db6e938 100644
--- a/panel_user/includes/formChangePass.php
+++ b/panel_user/includes/formChangePass.php
@@ -14,28 +14,22 @@ class FormChangePass extends Form {
// Se generan los mensajes de error si existen.
$htmlErroresGlobales = self::generaListaErroresGlobales($errores);
- $errorNombre = self::createMensajeError($errores, 'nombre', 'span', array('class' => 'error'));
+ $errorOldPass = self::createMensajeError($errores, 'old_pass', 'span', array('class' => 'error'));
$errorPassword = self::createMensajeError($errores, 'pass', 'span', array('class' => 'error'));
$errorPassword2 = self::createMensajeError($errores, 'repass', 'span', array('class' => 'error'));
- $html = '