Fixed - Being able to change credentials without removing password

Added - Checking if the password is the same as the confirm password in admin
Anders
2020-07-31 11:14:24 +02:00
parent d8ff713b90
commit 1f5660001e
3 changed files with 22 additions and 9 deletions
@@ -121,14 +121,24 @@ class UserController extends Controller
*/
public function update(Request $request, $id)
{
$data = $request->all();
$user = User::find($id);
if($id === Auth::id() || auth()->user()->hasPermissionTo("user.edit")) {
if ($request->roles != null) { //You can only edit roles on the admin site, so if there is an input roles, then update user info and edit roles
/** @var User $user */
$user->update($data);
if ($request->password != "") { // If you have edited the password, then run this
if ($request->password == $request->password2) { // If the password is the same as confirm password, then update everything from user
$data = $request->all();
/** @var User $user */
$user->update($data);
} else // Else go back with an error message
return redirect()->route("users.edit", ['user' => $id])->with('error#passnotsame', '<p>Der stod ikke det samme i `Password` & `Confirm Password`!</p>');
}
else { // If you haven't touched the password, then update everything else but password
$data = $request->only(['name_first', 'name_last', 'email', 'phone', 'roles']);
/** @var User $user */
$user->update($data);
}
$user->roles()->detach();
$user->forgetCachedPermissions();
@@ -138,6 +148,7 @@ class UserController extends Controller
//$user->save();
} else { // Else if you're not on the admin site (user site)
$data = $request->all();
if ($request->input('password') != null) { // If you're editing the password
if ($request->input('password') != $request->input('confirmpassword')) { // If new password and new password confirm is not the same, go back with fail message.
return redirect()->route("users.accounteditpass")->with('error#notsamepass', '<p class="text-center">Der stod ikke det samme i `Nyt Password` & `Bekræft Nyt Password`!</p>');
@@ -148,9 +159,10 @@ class UserController extends Controller
$user->update($data);
Auth::logout();
return redirect()->route("users.login")->with('success#passwordchange', '<p class="text-center">Dit password er hermed ændret!</p>');
return redirect()->route("users.login")->with('success#passwordchange', '<p class="text-center text-white">Dit password er hermed ændret!</p>');
}
} else { // Else if you're not editing the password but anything else (Email, Phone Number). Then update user.
$data = $request->all();
$user->update($data);
return redirect()->route("users.account")->with('success#credentialschanged', '<p class="text-center">Dine oplysninger er hermed ændret!</p>');
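Review bot: The new password branch in the first hunk passes `$request->all()` to `$user->update()`, so `password2` and every other posted field reaches mass assignment, while the sibling no-password branch already restricts input with `$request->only([...])`; the same whitelist plus the password would fit here: `$data = $request->only(['name_first', 'name_last', 'email', 'phone', 'roles', 'password']);`. The confirmation test uses loose `==`, which PHP compares numerically when both strings look numeric, so it should be `$request->password === $request->password2` or Laravel's `same` validation rule; the `!=` check against `confirmpassword` in the second hunk has the same weakness. The admin branch is selected by the presence of `roles` in the request, a client-controlled value, rather than by the `user.edit` permission, so the `$id === Auth::id()` path appears able to reach the role-reset code as well; that branch should be gated with `auth()->user()->hasPermissionTo("user.edit")`. The `+`/`-` markers are lost on this page and `update()` continues outside the visible hunks, so please confirm that the earlier `$user->update($data);` directly under the `roles` test is a removed line, since if it remains the update runs before the confirmation check.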