diff --git a/app/Http/Controllers/Settings/HomeSettings.php b/app/Http/Controllers/Settings/HomeSettings.php index efe51758d..b63cedee8 100644 --- a/app/Http/Controllers/Settings/HomeSettings.php +++ b/app/Http/Controllers/Settings/HomeSettings.php @@ -38,14 +38,12 @@ trait HomeSettings 'name' => 'required|string|max:'.config('pixelfed.max_name_length'), 'bio' => 'nullable|string|max:'.config('pixelfed.max_bio_length'), 'website' => 'nullable|url', - 'email' => 'nullable|email', ]); $changes = false; $name = strip_tags(Purify::clean($request->input('name'))); $bio = $request->filled('bio') ? strip_tags(Purify::clean($request->input('bio'))) : null; $website = $request->input('website'); - $email = $request->input('email'); $user = Auth::user(); $profile = $user->profile; $layout = $request->input('profile_layout'); @@ -55,28 +53,6 @@ trait HomeSettings $validate = config('pixelfed.enforce_email_verification'); - if ($user->email != $email) { - $changes = true; - $user->email = $email; - - if ($validate) { - $user->email_verified_at = null; - // Prevent old verifications from working - EmailVerification::whereUserId($user->id)->delete(); - } - - $log = new AccountLog(); - $log->user_id = $user->id; - $log->item_id = $user->id; - $log->item_type = 'App\User'; - $log->action = 'account.edit.email'; - $log->message = 'Email changed'; - $log->link = null; - $log->ip_address = $request->ip(); - $log->user_agent = $request->userAgent(); - $log->save(); - } - // Only allow email to be updated if not yet verified if (!$validate || !$changes && $user->email_verified_at) { if ($profile->name != $name) { @@ -158,6 +134,52 @@ trait HomeSettings return view('settings.email'); } + public function emailUpdate(Request $request) + { + $this->validate($request, [ + 'email' => 'required|email', + ]); + $changes = false; + $email = $request->input('email'); + $user = Auth::user(); + $profile = $user->profile; + + $validate = config('pixelfed.enforce_email_verification'); + + if ($user->email != $email) { + $changes = true; + $user->email = $email; + + if ($validate) { + $user->email_verified_at = null; + // Prevent old verifications from working + EmailVerification::whereUserId($user->id)->delete(); + } + + $log = new AccountLog(); + $log->user_id = $user->id; + $log->item_id = $user->id; + $log->item_type = 'App\User'; + $log->action = 'account.edit.email'; + $log->message = 'Email changed'; + $log->link = null; + $log->ip_address = $request->ip(); + $log->user_agent = $request->userAgent(); + $log->save(); + } + + if ($changes === true) { + Cache::forget('user:account:id:'.$user->id); + $user->save(); + $profile->save(); + + return redirect('/settings/home')->with('status', 'Email successfully updated!'); + } else { + return redirect('/settings/email'); + } + + } + public function avatar() { return view('settings.avatar'); diff --git a/resources/views/settings/email.blade.php b/resources/views/settings/email.blade.php index aaef42b21..ac7e6d844 100644 --- a/resources/views/settings/email.blade.php +++ b/resources/views/settings/email.blade.php @@ -6,7 +6,7 @@

Email Settings

-
+ @csrf diff --git a/routes/web.php b/routes/web.php index 4f95d35f6..a7ca1622e 100644 --- a/routes/web.php +++ b/routes/web.php @@ -175,6 +175,7 @@ Route::domain(config('pixelfed.domain.app'))->middleware(['validemail', 'twofact Route::get('password', 'SettingsController@password')->name('settings.password')->middleware('dangerzone'); Route::post('password', 'SettingsController@passwordUpdate')->middleware('dangerzone'); Route::get('email', 'SettingsController@email')->name('settings.email'); + Route::post('email', 'SettingsController@emailUpdate'); Route::get('notifications', 'SettingsController@notifications')->name('settings.notifications'); Route::get('privacy', 'SettingsController@privacy')->name('settings.privacy'); Route::post('privacy', 'SettingsController@privacyStore');