mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-12 06:25:51 +03:00
071f9769c6
Closes #282 * Added a new route * Added new methods * Triple security! * Passwords are actually changed * Also added a change password button, because 'save' has too much baggage. On security: checks whether you're logged in. Then checks whether your old password is actually the one that belongs to you (gets value from the email field for the email, see caveat no2). Checks the new passwords for === and length > 6 on client and server side as well. And THEN changes passwords. Caveats: * didn't add a test, as mocha fails spectacularly on my machine. SQLITE_CORRUPT: database disk image is malformed. Cute, huh? * Because we don't have / I'm not aware of / could not find a "currentuser" variable, I need to get the email address of the user we want to change from the email field. Theoretically if they replace that with another user's email address, and supply their pw, they will change THEIR password instead of their own.
78 lines
3.1 KiB
Handlebars
78 lines
3.1 KiB
Handlebars
<header>
|
|
<h2 class="title">Your Profile</h2>
|
|
<section class="page-actions">
|
|
<button class="button-save">Save</button>
|
|
</section>
|
|
</header>
|
|
<section class="content no-padding">
|
|
<header class="user-profile-header">
|
|
<figure class="cover-image">
|
|
<img id="user-cover-picture" src="{{#if cover_picture}}{{cover_picture}}{{else}}/shared/img/default-user-cover-picture.jpg{{/if}}" title="{{full_name}} Cover Image"/>
|
|
<button class="button-change-cover">Change Cover</button>
|
|
</figure>
|
|
</header>
|
|
<form class="user-details-container">
|
|
<fieldset class="user-details-top">
|
|
<figure class="user-avatar-image">
|
|
<img id="user-profile-picture" src="{{#if profile_picture}}{{profile_picture}}{{else}}/shared/img/default-user-profile-picture.jpg{{/if}}" title="{{full_name}}"/>
|
|
<button class="button-change-avatar">Update Avatar</button>
|
|
</figure>
|
|
<label>
|
|
<input type="text" value="{{full_name}}" id="user-name" placeholder="Joe Bloggs">
|
|
<p>Use your real name so people can recognise you.</p>
|
|
</label>
|
|
</fieldset>
|
|
<fieldset class="user-details-bottom">
|
|
<div class="form-group">
|
|
<label><strong>Email</strong></label>
|
|
<input type="text" value="{{email_address}}" id="user-email">
|
|
<p>Email will not be publicly displayed. <a class="highlight" href="#" >Learn more</a>.</p>
|
|
</div>
|
|
|
|
<div class="form-group">
|
|
<label><strong>Location</strong></label>
|
|
<input type="text" value="{{location}}" id="user-location">
|
|
<p>Where in the world do you live?</p>
|
|
</div>
|
|
|
|
<div class="form-group">
|
|
<label><strong>Website</strong></label>
|
|
<input type="text" value="{{url}}" id="user-website">
|
|
<p>Have a website or blog other than this one? Link it.</p>
|
|
</div>
|
|
|
|
<div class="form-group bio-container">
|
|
<label><strong>Bio</strong></label>
|
|
<textarea id="user-bio">{{bio}}</textarea>
|
|
<p class="bio-desc">Write about you, in <strong>200</strong> characters or less.</p>
|
|
<span class="word-count">97</span>
|
|
</div>
|
|
|
|
<hr>
|
|
|
|
</fieldset>
|
|
|
|
<fieldset class="user-details-bottom">
|
|
|
|
<div class="form-group">
|
|
<label><strong>Old Password</strong></label>
|
|
<input type="password" id="user-password-old">
|
|
<p><a href="#" >Forgot your password?</a></p>
|
|
</div>
|
|
|
|
<div class="form-group">
|
|
<label><strong>New Password</strong></label>
|
|
<input type="password" id="user-password-new">
|
|
</div>
|
|
|
|
<div class="form-group">
|
|
<label><strong>Verify Password</strong></label>
|
|
<input type="password" id="user-new-password-verification">
|
|
</div>
|
|
<button class="button-change-password">Change Password</button>
|
|
|
|
</fieldset>
|
|
|
|
</form>
|
|
</section>
|