diff --git a/app/locale/en_US.UTF-8/LC_MESSAGES/messages.po b/app/locale/en_US.UTF-8/LC_MESSAGES/messages.po index ce9791fe..6122b9de 100644 --- a/app/locale/en_US.UTF-8/LC_MESSAGES/messages.po +++ b/app/locale/en_US.UTF-8/LC_MESSAGES/messages.po @@ -2488,3 +2488,12 @@ msgstr "" msgid "(If not exists, will be try create)" msgstr "" + +msgid "Password already registered." +msgstr "" + +msgid "Password not registered." +msgstr "" + +msgid "(Leave blank if you do not wish to change.)" +msgstr "" diff --git a/app/locale/ja_JP.UTF-8/LC_MESSAGES/messages.mo b/app/locale/ja_JP.UTF-8/LC_MESSAGES/messages.mo index 386b0933..c9949996 100644 Binary files a/app/locale/ja_JP.UTF-8/LC_MESSAGES/messages.mo and b/app/locale/ja_JP.UTF-8/LC_MESSAGES/messages.mo differ diff --git a/app/locale/ja_JP.UTF-8/LC_MESSAGES/messages.po b/app/locale/ja_JP.UTF-8/LC_MESSAGES/messages.po index 91bc4e86..76896905 100644 --- a/app/locale/ja_JP.UTF-8/LC_MESSAGES/messages.po +++ b/app/locale/ja_JP.UTF-8/LC_MESSAGES/messages.po @@ -2535,3 +2535,12 @@ msgstr "`CREATE DATABASE`のsql実行に失敗しました、事前に`CREATE DA msgid "(If not exists, will be try create)" msgstr "(未作成の場合、作成を試行します)" + +msgid "Password already registered." +msgstr "パスワード設定済み" + +msgid "Password not registered." +msgstr "パスワード未設定" + +msgid "(Leave blank if you do not wish to change.)" +msgstr "(パスワードを変更しない場合、空欄のままとしてください)" diff --git a/app/src/Model/BlogsModel.php b/app/src/Model/BlogsModel.php index 53157f96..c890eea8 100644 --- a/app/src/Model/BlogsModel.php +++ b/app/src/Model/BlogsModel.php @@ -34,19 +34,36 @@ public function getTableName(): string /** * プライベートモード時のパスワード必須チェック * @param $value - * @param $valid - * @param $k - * @param $d + * @param $option + * @param $key + * @param $data * @return bool|string */ - public static function privateCheck($value, $valid, $k, $d) - { - if ($value == null || $value === '') { - if ($d['open_status'] == Config::get('BLOG.OPEN_STATUS.PRIVATE')) { - return __('Please Be sure to set the password if you want to private'); - } + public static function privateCheck($value, $option, $key, $data) + { + if ( + $data['open_status'] == Config::get('BLOG.OPEN_STATUS.PRIVATE') && + ( + // パスワードを入力したか、あるいはすでにパスワード設定済みか + strlen((string)$value) === 0 && + !static::isPasswordRegistered($data['_blog_id']) + ) + ) { + return __('Please Be sure to set the password if you want to private'); + }else{ + return true; } - return true; + } + + /** + * 指定blog idのブログのパスワードが設定済みか? + * @param $blog_id + * @return bool + */ + public static function isPasswordRegistered($blog_id) + { + $blog = (new BlogsModel)->findById($blog_id); + return (!empty($blog) && strlen($blog['blog_password']) > 0); } /** @@ -474,7 +491,7 @@ public static function regeneratePluginPhpByBlogId(string $blog_id): void * @param array $options * @return array|false|int|mixed */ - public function updateById(array $values, $id, array $options = array()) + public function updateById(array $values, $id, array $options = []) { $values['updated_at'] = date('Y-m-d H:i:s'); return parent::updateById($values, $id, $options); diff --git a/app/src/Web/Controller/Admin/BlogsController.php b/app/src/Web/Controller/Admin/BlogsController.php index 87c93e6b..54465b96 100644 --- a/app/src/Web/Controller/Admin/BlogsController.php +++ b/app/src/Web/Controller/Admin/BlogsController.php @@ -104,8 +104,19 @@ public function edit(Request $request): string // 更新処理 $white_list = ['name', 'introduction', 'nickname', 'timezone', 'blog_password', 'open_status', 'ssl_enable', 'redirect_status_code']; - $errors['blog'] = $blogs_model->validate($request->get('blog'), $blog_data, $white_list); + $errors['blog'] = $blogs_model->validate( + // バリデーションのために、blog_idを引き回している。バリデーションを作り変えたい + array_merge($request->get('blog'), ["_blog_id"=>$blog_id]), + $blog_data, + $white_list + ); if (empty($errors['blog'])) { + // パスワード空欄なら、パスワードを更新しない + if (strlen($blog_data['blog_password']) > 0) { + $blog_data['blog_password'] = password_hash($blog_data['blog_password'], PASSWORD_DEFAULT); + }else{ + $blog_data['blog_password'] = ($blogs_model->findById($blog_id))['blog_password']; + } if ($blogs_model->updateById($blog_data, $blog_id)) { $this->setBlog(['id' => $blog_id, 'nickname' => $blog_data['nickname']]); // ニックネームの更新 $this->setInfoMessage(__('I updated a blog')); diff --git a/app/src/Web/Controller/User/EntriesController.php b/app/src/Web/Controller/User/EntriesController.php index c910da5d..ad5f2466 100644 --- a/app/src/Web/Controller/User/EntriesController.php +++ b/app/src/Web/Controller/User/EntriesController.php @@ -730,7 +730,7 @@ public function blog_password(Request $request): string // 認証処理 if ($request->get('blog')) { - if ($request->get('blog.password') == $blog['blog_password']) { + if (password_verify($request->get('blog.password'), $blog['blog_password'])) { Session::set($this->getBlogPasswordKey($blog['id']), true); $this->set('auth_success', true); // for testing. $this->redirect($request, ['action' => 'index', 'blog_id' => $blog_id]); diff --git a/app/src/Web/Html.php b/app/src/Web/Html.php index 08af1863..9bc3bd63 100644 --- a/app/src/Web/Html.php +++ b/app/src/Web/Html.php @@ -148,6 +148,11 @@ public static function input(Request $request, $name, $type, $attrs = array(), $ $html = ''; break; + case 'blank_password': + // 一方向に設定するので、表示しない + $html = ''; + break; + case 'file': $html = ''; break; diff --git a/app/templates/default/fc2_default_template_sp.php b/app/templates/default/fc2_default_template_sp.php index a65fb659..1c761c19 100644 --- a/app/templates/default/fc2_default_template_sp.php +++ b/app/templates/default/fc2_default_template_sp.php @@ -7,7 +7,7 @@ - <%sub_title> - <%blog_name> + <!--not_index_area--><%sub_title> - <!--/not_index_area--><%blog_name> @@ -188,7 +188,7 @@ function submit(){
- <%template_send> + <%template_send>