diff options
| author | curly <curly@infernal.garden> | 2024-07-17 14:27:04 -0600 |
|---|---|---|
| committer | curly <curly@infernal.garden> | 2024-07-17 14:27:04 -0600 |
| commit | cc46857b4361c356e079b48d23a16b0fccaa7a61 (patch) | |
| tree | 3c2d2f08d6decd6d7f4a369e84ae195c5b33651f /src/main.js | |
| parent | 339ed00eb7496fc44ec5113b0520838305062039 (diff) | |
| download | poko_web-cc46857b4361c356e079b48d23a16b0fccaa7a61.tar.gz poko_web-cc46857b4361c356e079b48d23a16b0fccaa7a61.tar.bz2 poko_web-cc46857b4361c356e079b48d23a16b0fccaa7a61.zip | |
separate user update forms. require password for deletion
Diffstat (limited to 'src/main.js')
| -rw-r--r-- | src/main.js | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/src/main.js b/src/main.js index 28013cd..f970abc 100644 --- a/src/main.js +++ b/src/main.js @@ -276,15 +276,29 @@ async function update_form_onload() { } } -async function update_form() { +async function update_password_form() { const id = get_id(); const session = get_session(); - const name = document.getElementById("name").value; const old_password = document.getElementById("old_password").value; const new_password = document.getElementById("new_password").value; - const url = server + "/user/update/info" - const body = {"id": id, "session": session, "name": name, "old_password": old_password, "new_password": new_password}; + const url = server + "/user/update/password" + const body = {"id": id, "session": session, "old_password": old_password, "new_password": new_password}; + const req = await xhttp_post(url, body); + + if (req.status == 200) { + window.location.href = host + "/user/" + } else { + alert(req.status + ": " + req.body) + } +} +async function update_name_form() { + const id = get_id(); + const session = get_session(); + const name = document.getElementById("name").value; + + const url = server + "/user/update/name" + const body = {"id": id, "session": session, "name": name}; const req = await xhttp_post(url, body); if (req.status == 200) { @@ -292,16 +306,18 @@ async function update_form() { } else { alert(req.status + ": " + req.body) } + } async function delete_form() { const id = get_id(); const session = get_session(); const is_sure = document.getElementById("is_sure").value; + const password = document.getElementById("password").value; if (is_sure == "YES") { const url = server + "/user/delete" - const body = {"id": id, "session": session} + const body = {"id": id, "session": session, "password": password} const req = await xhttp_post(url, body); if (req.status == 200) { |