fix issue #1717

Zotlabs/Module/Settings/Account.php

@@ -6,11 +6,11 @@ class Account {
 
 	function post() {
 		check_form_security_token_redirectOnErr('/settings/account', 'settings_account');
-		
+
 		call_hooks('account_settings_post', $_POST);
-	
+
 		$errs = array();
-	
+
 		$email = ((x($_POST,'email')) ? trim(notags($_POST['email'])) : '');
 
 		$account = \App::get_account();
@@ -34,38 +34,38 @@ class Account {
 				}
 			}
 		}
-	
+
 		if($errs) {
 			foreach($errs as $err)
 				notice($err . EOL);
 			$errs = array();
 		}
-	
-	
+
+
 		if((x($_POST,'npassword')) || (x($_POST,'confirm'))) {
-	
+
 			$origpass = trim($_POST['origpass']);
-	
+
 			require_once('include/auth.php');
 			if(! account_verify_password($email,$origpass)) {
 				$errs[] = t('Password verification failed.');
 			}
-	
+
 			$newpass = trim($_POST['npassword']);
 			$confirm = trim($_POST['confirm']);
-	
+
 			if($newpass != $confirm ) {
 				$errs[] = t('Passwords do not match. Password unchanged.');
 			}
-	
+
 			if((! x($newpass)) || (! x($confirm))) {
 				$errs[] = t('Empty passwords are not allowed. Password unchanged.');
 			}
-	
+
 			if(! $errs) {
 				$salt = random_string(32);
 				$password_encoded = hash('whirlpool', $salt . $newpass);
-				$r = q("update account set account_salt = '%s', account_password = '%s', account_password_changed = '%s' 
+				$r = q("update account set account_salt = '%s', account_password = '%s', account_password_changed = '%s'
 					where account_id = %d",
 					dbesc($salt),
 					dbesc($password_encoded),
@@ -78,36 +78,37 @@ class Account {
 					$errs[] = t('Password update failed. Please try again.');
 			}
 		}
-	
-	
+
+
 		if($errs) {
 			foreach($errs as $err)
 				notice($err . EOL);
 		}
 		goaway(z_root() . '/settings/account' );
 	}
-	
 
-	
+
+
 	function get() {
 		$account_settings = "";
-			
+
 		call_hooks('account_settings', $account_settings);
-	
+
 		$email      = \App::$account['account_email'];
-		$attremail  = (!strpos($email, '@')) ? 'disabled="disabled"' : '';
+		$attremail  = ((!strpos($email, '@')) ? 'disabled="disabled"' : '');
 
 		$tpl = get_markup_template("settings_account.tpl");
 		$o .= replace_macros($tpl, array(
 			'$form_security_token' => get_form_security_token("settings_account"),
-			'$title'	=> t('Account Settings'),
-			'$origpass' => array('origpass', t('Current Password'), ' ',''),
-			'$password1'=> array('npassword', t('Enter New Password'), '', ''),
-			'$password2'=> array('confirm', t('Confirm New Password'), '', t('Leave password fields blank unless changing')),
-			'$submit' 	=> t('Submit'),
-			'$email' 	=> array('email', t('DId2 or Email Address:'), $email, '', '', $attremail),
-			'$removeme' => t('Remove Account'),
-			'$removeaccount' => t('Remove this account including all its channels'),
+			'$title'            => t('Account Settings'),
+			'$origpass'         => array('origpass', t('Current Password'), ' ',''),
+			'$password1'        => array('npassword', t('Enter New Password'), '', ''),
+			'$password2'        => array('confirm', t('Confirm New Password'), '', t('Leave password fields blank unless changing')),
+			'$submit'           => t('Submit'),
+			'$email'            => array('email', t('DId2 or Email Address:'), $email, '', '', $attremail),
+			'$email_hidden'     => (($attremail) ? $email : ''),
+			'$removeme'         => t('Remove Account'),
+			'$removeaccount'    => t('Remove this account including all its channels'),
 			'$account_settings' => $account_settings
 		));
 		return $o;

include/auth.php

@@ -112,6 +112,7 @@ function account_verify_password($login, $pass) {
 		}
 
 		if($channel) {
+
 			// Try the authentication plugin again since weve determined we are using the channel login instead of account login
 			$addon_auth = [
 				'username'      => $account['account_email'],

view/tpl/settings_account.tpl

@@ -8,6 +8,9 @@
 		<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
 		<div class="section-content-tools-wrapper">
 			{{include file="field_input.tpl" field=$email}}
+			{{if $email_hidden}}
+			<input type='hidden' name='email' value='{{$email_hidden}}'>
+			{{/if}}
 			{{include file="field_password.tpl" field=$origpass}}
 			{{include file="field_password.tpl" field=$password1}}
 			{{include file="field_password.tpl" field=$password2}}