discourse/app/views/users/password_reset.html.erb
riking 3d3313d5ee SECURITY: Limit passwords to 200 characters
Prevents layer 8 attack.
2014-09-12 12:21:06 -04:00

53 lines
1.5 KiB
Plaintext

<div id="simple-container">
<%if flash[:error]%>
<div class='alert alert-error'>
<%=flash[:error]%>
</div>
<%end%>
<% if @user.present? and @user.errors.any? %>
<div class='alert alert-error'>
<% @user.errors.full_messages.each do |msg| %>
<li><%= msg %></li>
<% end %>
</div>
<% end %>
<%if flash[:success]%>
<p>
<%= flash[:success] %>
<%- if @requires_approval %>
<%= t 'login.not_approved' %>
<% else %>
<br>
<br>
<a class="btn" href="/"><%= t('password_reset.continue', site_name: SiteSetting.title) %></a>
<%= render partial: 'auto_redirect_home' %>
<% end %>
</p>
<% else %>
<%if @user.present? %>
<h3>
<% if @user.has_password? %>
<%= t 'password_reset.choose_new' %>
<% else %>
<%= t 'password_reset.choose' %>
<% end %>
</h3>
<%=form_tag({}, method: :put) do %>
<p>
<input id="user_password" name="password" size="30" type="password" maxlength="<%= User.max_password_length %>">
<label><%= t('js.user.password.instructions', count: SiteSetting.min_password_length) %></label>
</p>
<p>
<%=submit_tag( @user.has_password? ? t('password_reset.update') : t('password_reset.save'), class: 'btn')%>
</p>
<%end%>
<%end%>
<%end%>
</div>
<script type="text/javascript">
document.getElementById('user_password').focus()
</script>