/** * Process a user account update * * @param array $post * @param array $account * @param string $gpg_public_key */ protected function processAccountUpdate(array $post = [], array $account = [], string $gpg_public_key = '') { if (!empty($post['passphrase'])) { // Lazy hack $post['username'] = $account['username']; if ($this->acct->isPasswordWeak($post)) { $this->lens('my_account', ['account' => $account, 'gpg_public_key' => $gpg_public_key, 'post_response' => ['message' => \__('Supplied password is too weak.'), 'status' => 'error']]); } // Log password changes as a WARNING $this->log('Changing password for user, ' . $account['username'], LogLevel::WARNING); $this->acct->setPassphrase(new HiddenString($post['passphrase']), $_SESSION['userid']); if ($this->config('password-reset.logout')) { $this->acct->invalidateLongTermAuthTokens($_SESSION['userid']); // We're not logging ourselves out! $_SESSION['session_canary'] = $this->acct->createSessionCanary($_SESSION['userid']); } unset($post['username'], $post['passphrase']); } if ($this->acct->updateAccountInfo($post, $account)) { // Refresh: $account = $this->acct->getUserAccount($this->getActiveUserId()); $gpg_public_key = $this->getGPGPublicKey($account['gpg_public_key']); $this->lens('my_account', ['account' => $account, 'gpg_public_key' => $gpg_public_key, 'post_response' => ['message' => \__('Account was saved successfully.'), 'status' => 'success']]); } $this->lens('my_account', ['account' => $post, 'gpg_public_key' => $gpg_public_key, 'post_response' => ['message' => \__('Account was not saved successfully.'), 'status' => 'error']]); }