remove old table structur in form, add csrf protection

This commit is contained in:
Uwe Steinmann 2021-01-25 09:09:02 +01:00
parent 44813338b1
commit b5d769fc1c

View File

@ -77,31 +77,42 @@ $(document).ready( function() {
echo "<div class=\"alert\">".getMLText('password_expiration_text')."</div>";
$this->contentContainerStart();
?>
<form action="../op/op.EditUserData.php" method="post" id="form" name="form1">
<table>
<tr>
<td><?php printMLText("current_password");?>:</td>
<td><input id="currentpwd" type="Password" name="currentpwd" size="30"></td>
</tr>
<tr>
<td><?php printMLText("password");?>:</td>
<td><input id="pwd" class="pwd" type="Password" rel="strengthbar" name="pwd" size="30"></td>
</tr>
<tr>
<td><?php printMLText("password_strength");?>:</td>
<td>
<div id="strengthbar" class="progress" style="width: 220px; height: 30px; margin-bottom: 8px;"><div class="bar bar-danger" style="width: 0%;"></div></div>
</td>
</tr>
<tr>
<td><?php printMLText("confirm_pwd");?>:</td>
<td><input id="pwdconf" type="Password" name="pwdconf" size="30"></td>
</tr>
<tr>
<td></td>
<td><input class="btn" type="submit" value="<?php printMLText("submit_userinfo") ?>"></td>
</tr>
</table>
<form class="form-horizontal" action="../op/op.EditUserData.php" method="post" id="form" name="form1">
<?php echo createHiddenFieldWithKey('edituserdata'); ?>
<?php
$this->formField(
getMLText("current_password"),
array(
'element'=>'input',
'type'=>'password',
'id'=>'currentpwd',
'name'=>'currentpwd',
'autocomplete'=>'off',
'required'=>true
)
);
$this->formField(
getMLText("new_password"),
'<input class="pwd" type="password" rel="strengthbar" id="pwd" name="pwd" size="30">'
);
if($passwordstrength) {
$this->formField(
getMLText("password_strength"),
'<div id="strengthbar" class="progress" style="width: 220px; height: 30px; margin-bottom: 8px;"><div class="bar bar-danger" style="width: 0%;"></div></div>'
);
}
$this->formField(
getMLText("confirm_pwd"),
array(
'element'=>'input',
'type'=>'password',
'id'=>'pwdconf',
'name'=>'pwdconf',
'autocomplete'=>'off',
)
);
$this->formSubmit("<i class=\"fa fa-save\"></i> ".getMLText('submit_password'));
?>
<input type="hidden" name="fullname" value="<?php print htmlspecialchars($user->getFullName());?>" />
<input type="hidden" name="email" value="<?php print htmlspecialchars($user->getEmail());?>" />
<input type="hidden" name="comment" value="<?php print htmlspecialchars($user->getComment());?>" />