-Malte

337ed59f · Malte Sussdorff · 0ec06838 · 337ed59f · 337ed59f · 337ed59f
Commit 337ed59f authored Apr 27, 2007 by Malte Sussdorff
30 changed files
--- a/catalog/acs-subsite.cs_CZ.utf-8.xml
+++ b/catalog/acs-subsite.cs_CZ.utf-8.xml
+<?xml version="1.0" encoding="utf-8"?>
+<message_catalog package_key="acs-subsite" package_version="5.2.3" locale="cs_CZ" charset="utf-8">
+
+  <msg key="Change_locale_label">Změnit jazyk</msg>
+  <msg key="Change_pass_email_por">Změnit heslo, e-mail, portrét</msg>
+  <msg key="Logout">Odhlásit</msg>
+  <msg key="Logout_from_system">Odhlásit z %system_name%</msg>
+  <msg key="Welcome_user">Vítejte, %user_name%</msg>
+  <msg key="Your_Account">Váš účet</msg>
+</message_catalog>
--- a/catalog/acs-subsite.en_GB.ISO-8859-1.xml
+++ b/catalog/acs-subsite.en_GB.ISO-8859-1.xml
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<message_catalog package_key="acs-subsite" package_version="5.2.3" locale="en_GB" charset="ISO-8859-1">
+
+  <msg key="lt_Upload_your_favorite">Upload your favourite file, a scanned JPEG or GIF, from your desktop
+computer system (note that you can't refer to an image elsewhere on
+the Internet; this image must be on your computer's hard drive).</msg>
+</message_catalog>
--- a/catalog/acs-subsite.hi_IN.utf-8.xml
+++ b/catalog/acs-subsite.hi_IN.utf-8.xml
--- a/catalog/acs-subsite.nl_ZA.ISO-8859-1.xml
+++ b/catalog/acs-subsite.nl_ZA.ISO-8859-1.xml
--- a/catalog/acs-subsite.pa_IN.utf-8.xml
+++ b/catalog/acs-subsite.pa_IN.utf-8.xml
+<?xml version="1.0" encoding="utf-8"?>
+<message_catalog package_key="acs-subsite" package_version="5.3.0d1" locale="pa_IN" charset="utf-8">
+
+  <msg key="Change_pass_email_por">ਗੁਪਤ-ਕੋਡ, ਈ-ਮੇਲ, ਪੋਰਟਰੇਟ</msg>
+  <msg key="Logout">ਲਾਗਆਉਟ</msg>
+  <msg key="Logout_from_system">%system_name% ਤੋਂ ਲਾਗ ਆਉਟ</msg>
+  <msg key="Welcome_user">%user_name% ਜੀ ਆਇਆਂ ਨੂੰ</msg>
+</message_catalog>
--- a/catalog/acs-subsite.th_TH.utf-8.xml
+++ b/catalog/acs-subsite.th_TH.utf-8.xml
+<?xml version="1.0" encoding="utf-8"?>
+<message_catalog package_key="acs-subsite" package_version="5.3.0d1" locale="th_TH" charset="utf-8">
+
+  <msg key="Change_pass_email_por">เปลี่ยนรหัสเข้า อีเมล์ รูปภาพ</msg>
+  <msg key="Logout">ออกจากระบบ</msg>
+  <msg key="Logout_from_system">ออกจาก %system_name%</msg>
+  <msg key="Welcome_user">ยินดีต้อนรับ, %user_name%</msg>
+</message_catalog>
--- a/lib/message.adp
+++ b/lib/message.adp
+<master>
+  <property name="title">@title;noquote@</property>
+  <property name="context">@context;noquote@</property>
+
+  @message;noquote@
--- a/lib/message.tcl
+++ b/lib/message.tcl
+ad_page_contract {
+    This include expects "message" to be set as html
+    and if no title is present uses "Message".  Used to inform of actions
+    in registration etc.
+
+    @cvs-id $Id$
+}
+if {![exists_and_not_null title]} {
+    set page_title Message
+}
+set context [list $title]
--- a/lib/subsites.xql
+++ b/lib/subsites.xql
+<?xml version="1.0"?>
+<queryset>
+
+  <fullquery name="select_subsites">
+    <querytext>
+
+    select p.package_id,
+           p.instance_name,
+           n.node_id, 
+           n.name,
+           :subsite_url || n.name as url,
+           (select count(*)
+            from   group_approved_member_map m
+            where  m.rel_type = 'membership_rel'
+            and    m.group_id = ag.group_id) as num_members,
+           (select min(r2.member_state)
+            from   group_member_map m2,
+                   membership_rels r2
+            where  m2.group_id = ag.group_id
+            and    m2.member_id = :untrusted_user_id
+            and    r2.rel_id = m2.rel_id) as member_state,
+           g.group_id,
+           g.join_policy
+    from   site_nodes n,
+           apm_packages p,
+           application_groups ag,
+           groups g
+    where  n.parent_id = :subsite_node_id
+      and    p.package_id = n.object_id
+      and    p.package_key  in ('[join [subsite::package_keys] {','}]')
+      and    ag.package_id = p.package_id
+      and    g.group_id = ag.group_id
+      and    (exists (select 1 
+                   from   all_object_party_privilege_map perm 
+                   where  perm.object_id = p.package_id
+                   and    perm.privilege = 'read'
+                   and    perm.party_id = :untrusted_user_id) or g.join_policy != 'closed')
+    order  by lower(instance_name)
+
+      </querytext>
+  </fullquery>
+</queryset>
+
--- a/lib/user-subsites.adp
+++ b/lib/user-subsites.adp
+  <if @groups:rowcount@ gt 0> 
+  <h2>#acs-subsite.You_are_in_the_follow#</h2>
+  <ul>
+    <multiple name="groups">
+      <li> <a href="@groups.url@">@groups.group_name@</a><if @groups.admin_p@ true>&nbsp;[<a href="@groups.url@admin/">#acs-kernel.common_Administration#</a>]</if></li>
+    </multiple>
+  </ul>
+  </if>
\ No newline at end of file
--- a/lib/user-subsites.tcl
+++ b/lib/user-subsites.tcl
+db_multirow -extend {url admin_p} groups groups {
+  select distinct ap.package_id, groups.group_id, lower(groups.group_name), groups.group_name
+     from groups, group_member_map gm, application_groups ap
+     where groups.group_id = gm.group_id and gm.member_id=:user_id
+       and ap.group_id = groups.group_id
+  order by lower(groups.group_name)
+} {
+    set admin_p [permission::permission_p -party_id $user_id -object_id $group_id -privilege "admin"]
+    set url [apm_package_url_from_id $package_id]
+}
--- a/sql/oracle/email-image-drop.sql
+++ b/sql/oracle/email-image-drop.sql
+--
+-- packages/acs-subsite/sql/portraits-drop.sql
+--
+-- author  Miguel Marin (miguelmarin@viaro.net) Viaro Networks (www.viaro.net)
+-- creation-date 2005-01-22
+--
+
+drop table email_images;
+
+begin
+  acs_rel_type.drop_type('email_image_rel');
+end;
+/
+show errors
--- a/sql/oracle/email-image.sql
+++ b/sql/oracle/email-image.sql
+-- Email-Image Data Model
+-- author  Miguel Marin (miguelmarin@viaro.net) Viaro Networks (www.viaro.net)
+-- creation-date 2005-01-22
+
+
+create table email_images (
+	user_id		constraint email_images_user_id_fk
+			references users
+			constraint email_images_user_id_pk
+			primary key
+);
+
+begin
+  acs_rel_type.create_role('email_image', 'Email Image', 'Email Images');
+
+  acs_rel_type.create_type (
+    rel_type => 'email_image_rel',
+    pretty_name => 'Email Image',
+    pretty_plural => 'Email Images',
+    object_type_one => 'user',
+    role_one => 'user',
+    table_name => 'email_images',
+    id_column => 'user_id',
+    package_name => 'email_image_rel',
+    min_n_rels_one => 1,
+    max_n_rels_one => 1,
+    object_type_two => 'content_item',
+    min_n_rels_two => 0,
+    max_n_rels_two => 1
+  );
+
+  commit;
+end;
+/
+show errors
--- a/sql/oracle/upgrade/upgrade-5.2.0b5-5.2.0b6.sql
+++ b/sql/oracle/upgrade/upgrade-5.2.0b5-5.2.0b6.sql
+-- 
+-- 
+-- 
+-- @author Dave Bauer (dave@thedesignexperience.org)
+-- @creation-date 2005-11-29
+-- @arch-tag: 6595c279-ae92-4dd8-955f-1184e1fccbd7
+-- @cvs-id $Id$
+--
+
+
+alter table site_nodes_selection drop constraint site_nodes_sel_id_fk;
+alter table site_nodes_selection add constraint site_nodes_sel_id_fk foreign key (node_id) references acs_objects(object_id) on delete cascade;
--- a/sql/postgresql/email-image-drop.sql
+++ b/sql/postgresql/email-image-drop.sql
+--
+-- packages/acs-subsite/sql/email-image-drop.sql
+--
+-- author Miguel Marin (miguelmarin@viaro.net) Viaro Networks (www.viaro.net)
+-- creation-date 2005-01-22
+--
+
+select acs_rel_type__drop_type('email_image_rel', 'f');
+select acs_rel_type__drop_role('email_image');
+
+drop table email_images;
--- a/sql/postgresql/email-image.sql
+++ b/sql/postgresql/email-image.sql
+-- Email Image Data Model
+-- author Miguel Marin (miguelmarin@viaro.net) Viaro Networks (www.viaro.net)
+-- creation-date 2005-01-22
+
+
+create table email_images (
+	user_id		integer constraint email_images_user_id_fk
+			references users
+			constraint email_images_user_id_pk
+			primary key
+);
+
+create function inline_0 ()
+returns integer as '
+begin
+  PERFORM acs_rel_type__create_role(''email_image'', ''Email Image'', ''Email Images'');
+
+  PERFORM acs_rel_type__create_type (
+      ''email_image_rel'',
+      ''Email Image'',
+      ''Email Images'',
+      ''relationship'',
+      ''email_images'',
+      ''user_id'',
+      ''email_image_rel'',
+      ''user'',
+      ''user'',
+      1,
+      1,
+      ''content_item'',
+      null,
+      0,
+      1
+  );
+
+  return 0;
+end;' language 'plpgsql';
+
+select inline_0 ();
+
+drop function inline_0 ();
--- a/sql/postgresql/upgrade/upgrade-5.2.0b5-5.2.0b6.sql
+++ b/sql/postgresql/upgrade/upgrade-5.2.0b5-5.2.0b6.sql
+-- 
+-- 
+-- 
+-- @author Dave Bauer (dave@thedesignexperience.org)
+-- @creation-date 2005-11-29
+-- @arch-tag: 2e1f8368-2c55-49fb-9b34-9cd6564288e1
+-- @cvs-id $Id$
+--
+
+alter table site_nodes_selection drop constraint site_nodes_sel_id_fk;
+alter table site_nodes_selection add constraint site_nodes_sel_id_fk foreign key (node_id) references acs_objects(object_id) on delete cascade;
--- a/www/admin/manage-email-privacy.adp
+++ b/www/admin/manage-email-privacy.adp
+<master>
+  <property name="title">#acs-subsite.manage_users_email#</property>
+  <property name="context">@context;noquote@</property>
+
+<formtemplate id=private-email></formtemplate>
\ No newline at end of file
--- a/www/admin/manage-email-privacy.tcl
+++ b/www/admin/manage-email-privacy.tcl
+ad_page_contract {
+    Administer the PrivateEmailLevelP parameter
+    
+    @author Miguel Marin (miguelmarin@viaro.net) Viaro Networks (www.viaro.net)
+} {
+
+} -properties {
+    context:onevalue
+}
+
+set page_title  "\"#acs-subsite.manage_users_email\#\""
+set context [list [list "." "Users"] "\"#acs-subsite.manage_users_email\#\""]
+
+
+set user_id [auth::require_login -account_status closed]
+
+ad_form -name private-email -form {
+    {level:integer(select)
+	{label "\#acs-subsite.Change_my_email_P\#:"}
+	{options {{"[_ acs-subsite.email_as_text_admin]" 4} {"[_ acs-subsite.email_as_image_admin]" 3} \
+		      {"[_ acs-subsite.email_as_a_form_admin]" 2} {"[_ acs-subsite.email_dont_show_admin]" 1}}}
+    }
+} -on_request {
+    set level [parameter::get_from_package_key -package_key "acs-subsite" \
+			    -parameter "PrivateEmailLevelP" -default 4]
+} -on_submit {
+    set package_id [apm_package_id_from_key acs-subsite]
+    parameter::set_value -package_id $package_id -parameter "PrivateEmailLevelP" -value $level
+
+} -after_submit {
+    ad_returnredirect "/acs-admin/users/"
+}
\ No newline at end of file
--- a/www/file.vuh
+++ b/www/file.vuh
+# packages/acs-subsite/www/image.vuh
+#
+# Subsite handler for images
+#
+# @author Dave Bauer (dave@thedesignexperience.org)
+# @creation-date 2006-08-01
+# @cvs-id $Id$
+
+if {![regexp {^/([0-9]{1,8})(/(private)/([0-9]{1,8}))?(/(.*))?$} [ad_conn path_info] match object_id private_slash private dummy anchor]} {
+    ad_return_warning "Invalid object id" [subst {
+        The identifier given for this object is invalid.  Please check your url 
+        or contact the webmaster if you think it should work.
+    }]
+    return
+}
+
+# check permissions!
+if {$private eq "private"} {
+	# find if the image has a parent link to the object
+	# that is, if the image is used in a content item and you can read the
+	# content item, you can read the image regardless of the permissions
+	
+	if {![application_data_link::link_exists \
+		-from_object_id $private_parent_id \
+		-to_object_id $object_id]} {
+		# if the link does not exist it might be
+	        # because its a new object
+	        # that means you uploaded the image so you can see it in the editor while you are working on it
+		if {![permission::permission_p \
+			-object_id $object_id \
+			-privilege "read" \
+			-party_id [ad_conn user_id]]} {
+			# if you don't have permission to see it, it doesn't exist
+				ns_returnnotfound
+				ad_script_abort
+		}
+	} elseif {![permission::permission_p \
+	-privilege "read" \
+	-object_id $private_parent_id \
+	-party_id [ad_conn user_id]]} {
+	ns_returnnotfound
+	ad_script_abort
+	}
+} else {
+	if {![permission::permission_p \
+	    -privilege "read" \
+	    -object_id $object_id \
+	    -party_id [ad_conn user_id]]} {
+		ns_returnnotfound 
+		ad_script_abort
+	}
+}
+
+# find a cr_item and serve it
+
+cr_write_content -item_id $object_id
\ No newline at end of file
--- a/www/image.vuh
+++ b/www/image.vuh
+# packages/acs-subsite/www/image.vuh
+#
+# Subsite handler for images
+#
+# @author Dave Bauer (dave@thedesignexperience.org)
+# @creation-date 2006-08-01
+# @cvs-id $Id$
+set url [ad_conn path_info]
+if {![regexp {^/([0-9]{1,8})(/(|thumbnail|info))?(/(private)/([0-9]{1,8}))?(/(.*))?$} $url match object_id extra_arg_slash extra_arg private_slash private private_parent_id filename_slash filename anchor]} {
+    ad_return_warning "Invalid object id" [subst {
+        The identifier given for this object (${object_id}) is invalid.  Please check your url 
+        or contact the webmaster if you think it should work.
+    }]
+    return
+}
+
+# check permissions!
+if {$private eq "private"} {
+	# find if the image has a parent link to the object
+	# that is, if the image is used in a content item and you can read the
+	# content item, you can read the image regardless of the permissions
+	
+	if {![application_data_link::link_exists \
+		-from_object_id $private_parent_id \
+		-to_object_id $object_id]} {
+		# if the link does not exist it might be
+	        # because its a new object
+	        # that means you uploaded the image so you can see it in the editor while you are working on it
+		if {![permission::permission_p \
+			-object_id $object_id \
+			-privilege "read" \
+			-party_id [ad_conn user_id]]} {
+			# if you don't have permission to see it, it doesn't exist
+				ns_returnnotfound
+				ad_script_abort
+		}
+	} elseif {![permission::permission_p \
+	-privilege "read" \
+	-object_id $private_parent_id \
+	-party_id [ad_conn user_id]]} {
+	ns_returnnotfound
+	ad_script_abort
+        }
+} elseif {$extra_arg eq ""} {
+	if {![permission::permission_p \
+	    -privilege "read" \
+	    -object_id $object_id \
+	    -party_id [ad_conn user_id]]} {
+		ns_returnnotfound 
+		ad_script_abort
+	}
+}
+# find a cr_item and serve it
+
+if {$extra_arg eq "thumbnail"} {
+	#find the thumbnail object_id
+	set object_id [image::get_resized_item_id -item_id $object_id -size_name thumbnail]
+}
+
+if {$extra_arg eq "info"} {
+	rp_form_put item_id $object_id
+	rp_form_put filename $filename
+	rp_internal_redirect "/packages/acs-content-repository/www/image-info"
+	ad_script_abort
+} else {
+	cr_write_content -item_id $object_id
+}
+
--- a/www/o.vuh
+++ b/www/o.vuh
+ad_page_contract {
+    This page accepts an object_id and uses the FtsContentProvider url
+    method for the content type of that item to redirect to the page
+    to display the object.
+
+    @author Jeff Davis davis@xarg.net
+    @creation-date 2003-12-29
+    @cvs-id $Id$
+} {}
+
+if {![regexp {^/([0-9]{1,8})(-(.+))?$} [ad_conn path_info] match object_id dummy anchor]} {
+    ad_return_warning "Invalid object id" [subst {
+        The identifier given for this object is invalid.  Please check your url 
+        or contact the webmaster if you think it should work.
+    }]
+    return
+}
+
+if {![empty_string_p $anchor]} { 
+    set anchor "#$anchor"
+}
+
+if {![ db_0or1row object_data {
+    select o.object_type, o.title, o.package_id
+    from acs_objects o
+    where o.object_id = :object_id
+}]} { 
+    ns_returnnotfound
+    return
+}
+
+# Users are handled as a special case since we want to preserve the subsite
+# we are loading from...
+if {[string eq $object_type user]} {
+    ad_returnredirect [acs_community_member_url -user_id $object_id]
+    ad_script_abort
+}
+
+
+if {[string eq $object_type content_item]} {
+    db_0or1row object_data {
+        select o.object_type, o.object_id, o.package_id
+        from acs_objects o, cr_items i
+        where i.item_id = :object_id
+          and o.object_id = coalesce(i.live_revision, i.latest_revision, i.item_id)
+    }
+    if {[string eq $object_type content_item]} {
+        # punt, assume file storage extlink for now
+        # JCDXXX TODO: figure out what to do...
+        ad_returnredirect [apm_package_url_from_id $package_id]simple?object_id=$object_id&todo=fixthis
+    }
+
+}
+
+if {![info exists object_type]} {
+    ad_return_warning "Invalid object ID" [subst {
+        The object ID $object_id doesn't exist.
+        <p>We are sorry for this inconvenience.
+    }]
+    return
+}
+
+# Try to retrieve the page url using a callback that makes use of upvar
+
+set page_url [lindex [callback -catch -impl $object_type subsite::url -object_id $object_id -package_id $package_id -type "display"] 0]
+
+# If this did not work, try again with the Service contract
+if {[empty_string_p $page_url]} {
+	set page_url [acs_sc::invoke -contract FtsContentProvider -operation url -impl $object_type -call_args [list $object_id]]
+}
+
+if {![empty_string_p $page_url]} {
+    ad_returnredirect $page_url$anchor
+} else {
+    ad_return_warning "Invalid object ID" [subst {
+        The object ID $object_id is a $object_type but getting 
+        it's real url failed.
+        <p>We are sorry for this inconvenience.
+    }]
+}
+
+
--- a/www/shared/email-image-bits.tcl
+++ b/www/shared/email-image-bits.tcl
+ad_page_contract {
+    spits out correctly MIME-typed bits for a user's email-image
+
+    @author Miguel Marin (miguelmarin@viaro.net) Viaro Networks (www.viaro.net)
+} {
+    revision_id:integer
+}
+
+cr_write_content -revision_id $revision_id
+
--- a/www/shared/send-email.adp
+++ b/www/shared/send-email.adp
+<master>
+  <property name="title">@page_title;noquote@</property>
+  <property name="context">@context;noquote@</property>
+
+	
+<h4>#acs-subsite.mail_a_message_to# @first_names@ @last_name@</h4>
+<formtemplate id=send-email></formtemplate>
\ No newline at end of file
--- a/www/shared/send-email.tcl
+++ b/www/shared/send-email.tcl
+ad_page_contract {
+    Sends an email to the user with user_id = sendto
+    
+    @author Miguel Marin (miguelmarin@viaro.net) Viaro Networks (www.viaro.net)
+} {
+    sendto:notnull
+    {return_url ""}
+} -properties {
+    context:onevalue
+}
+
+set user_id [auth::require_login -account_status closed]
+set page_title "\#acs-subsite.Send_email_to_this_user\#"
+set context [list [list [ad_pvt_home] [ad_pvt_home_name]] "Send Email"]
+
+
+if {[string equal $return_url ""]} {
+    set return_url [ad_pvt_home]
+}
+
+db_1row user_to_info { *SQL* }
+set from [email_image::get_email -user_id $user_id]
+
+ad_form -name send-email -export {sendto $sendto} -form {
+    {from:text(text),optional
+	{label "From:"}
+	{html {{disabled ""} {size 40}}}
+	{value $from}
+    }
+    {subject:text(text)
+	{label "Subject:"}
+	{html {size 70}}
+    }
+    {body:text(textarea),nospell
+	{label "Body:"}
+	{html {rows 10 cols 55}}
+	{value ""}
+    }
+    {copy:text(checkbox),optional
+	{label "\#acs-subsite.Send_me_a_copy\#"}
+	{options {{"" 1 }}}
+    }
+} -on_submit {
+    set to [email_image::get_email -user_id $sendto]
+    if [catch {ns_sendmail "$to" "$from" "$subject" "$body"} errmsg] {
+    ad_return_error "Mail Failed" "The system was unable to send email.  Please notify the user personally. \
+                    This problem is probably caused by a misconfiguration of your email system.  Here is the error:
+                    <blockquote><pre>
+                        [ad_quotehtml $errmsg]
+                    </pre></blockquote>"
+	return
+    }
+    if { [string equal $copy 1]} {
+	if [catch {ns_sendmail "$from" "$from" "$subject" "$body"} errmsg] {
+	    ad_return_error "Mail Failed" "The system was unable to send email.  Please notify the user personally. \
+                            This problem is probably caused by a misconfiguration of your email system.  Here is the error:
+                            <blockquote><pre>
+                                [ad_quotehtml $errmsg]
+                            </pre></blockquote>"
+	    return
+	}
+    }
+    
+} -after_submit {
+    ad_returnredirect $return_url
+}
--- a/www/shared/send-email.xql
+++ b/www/shared/send-email.xql
+<?xml version="1.0"?>
+
+<queryset>
+
+  <fullquery name="user_to_info">
+    <querytext>
+	select first_names, last_name 
+	from cc_users
+	where user_id = :sendto
+    </querytext>
+  </fullquery>
+</queryset>
--- a/www/user/email-privacy-level.adp
+++ b/www/user/email-privacy-level.adp
+<master>
+  <property name="title">#acs-subsite.Change_my_email_P#</property>
+  <property name="context">@context;noquote@</property>
+
+<formtemplate id=private-email></formtemplate>
\ No newline at end of file
--- a/www/user/email-privacy-level.tcl
+++ b/www/user/email-privacy-level.tcl
+ad_page_contract {
+    Allows users to change their priv_email field in the users table
+    
+    @author Miguel Marin (miguelmarin@viaro.net) Viaro Networks (www.viaro.net)
+} {
+    {user_id ""}
+}
+
+set page_title  "\"#acs-subsite.Change_my_email_P\#\""
+set context [list [list [ad_pvt_home] [ad_pvt_home_name]] $page_title]
+
+if { [string equal $user_id ""] } {
+    set user_id [auth::require_login -account_status closed]
+}
+
+ad_form -name private-email -form {
+    {level:integer(select)
+	{label "\#acs-subsite.Change_my_email_P\#:"}
+	{options {{"[_ acs-subsite.email_as_text]" 4} {"[_ acs-subsite.email_as_image]" 3} \
+		      {"[_ acs-subsite.email_as_a_form]" 2} {"[_ acs-subsite.email_dont_show]" 1}}}
+    }
+} -on_request {
+    set level [email_image::get_priv_email -user_id $user_id]
+} -on_submit {
+    email_image::update_private_p -user_id $user_id -level $level
+} -after_submit {
+    ad_returnredirect [ad_pvt_home]
+}
\ No newline at end of file
--- a/www/user/password-reset.adp
+++ b/www/user/password-reset.adp
+<master>
+  <property name="title">#acs-subsite.Reset_Password#</property>
+  <property name="context">@context;noquote@</property>
+
+<if @message@ not nil>
+  <div class="general-message">@message@</div>
+</if>
+
+<formtemplate id="reset"></formtemplate>
--- a/www/user/password-reset.tcl
+++ b/www/user/password-reset.tcl
+ad_page_contract {
+    Let's the user reset his/her password.
+
+    @cvs-id $Id$
+} {
+    {user_id {[ad_conn untrusted_user_id]}}
+    {return_url ""}
+    {password_hash ""}
+    {message ""}
+}
+
+# Redirect to HTTPS if so configured
+if { [security::RestrictLoginToSSLP] } {
+    security::require_secure_conn
+}
+
+if { ![auth::password::can_change_p -user_id $user_id] } {
+    ad_return_error "Not supported" "Changing password is not supported."
+}
+
+set admin_p [permission::permission_p -object_id $user_id -privilege admin]
+
+if { !$admin_p } {
+    permission::require_permission -party_id $user_id -object_id $user_id -privilege write
+}
+
+
+
+set page_title [_ acs-subsite.Reset_Password]
+set context [list [list [ad_pvt_home] [ad_pvt_home_name]] $page_title]
+
+set system_name [ad_system_name]
+set site_link [ad_site_home_link]
+
+
+
+acs_user::get -user_id $user_id -array user
+
+ad_form -name reset -edit_buttons [list [list [_ acs-kernel.common_update] "ok"]] -form {
+    {user_id:integer(hidden)}
+    {return_url:text(hidden),optional}
+    {password_hash:text(hidden),optional}
+    {message:text(hidden),optional}
+}
+
+ad_form -extend -name reset -form {
+    {password_1:text(password)
+        {label {[_ acs-subsite.New_Password]}}
+        {html {size 20}}
+    }
+    {password_2:text(password)
+        {label {[_ acs-subsite.Confirm]}}
+        {html {size 20}}
+    }
+} -on_request {
+
+} -validate {
+    {password_1
+        { [string equal $password_1 $password_2] }
+        { Passwords don't match }
+    }
+} -on_submit {
+
+    set password_hash_local [db_string get_password_hash {SELECT password FROM users WHERE user_id = :user_id}]
+
+    if {$password_hash_local eq $password_hash} {
+
+    array set result [auth::password::change \
+                          -user_id $user_id \
+                          -old_password "" \
+                          -new_password $password_1]
+
+    switch $result(password_status) {
+        ok {
+            # Continue
+        }
+        default {
+            form set_error reset password_1 $result(password_message)
+            break
+        }
+    }
+
+    } else {
+        form set_error reset password_1 "Invalid hash"
+	break
+    }
+
+} -after_submit {
+    if { [empty_string_p $return_url] } {
+        set return_url [ad_pvt_home]
+        set pvt_home_name [ad_pvt_home_name]
+        set continue_label [_ acs-subsite.Continue_to_your_account]
+    } else {
+        set continue_label [_ acs-subsite.Continue]
+    }
+    set message [_ acs-subsite.confirmation_password_changed]
+    set continue_url $return_url
+
+    ad_return_template /packages/acs-subsite/www/register/display-message
+}