Allow users to change their password from the account page, and get rid

[rails.git] / app / models / user.rb

diff --git a/app/models/user.rb b/app/models/user.rb
index ae0dbac54b76236eea78345d59063c637b365250..da4d4c2058b1429485327956f1f87c4e5692d851 100644 (file)
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -13,6 +13,9 @@ class User < ActiveRecord::Base
   validates_length_of :pass_crypt, :minimum => 8
   validates_length_of :display_name, :minimum => 3, :allow_nil => true
   validates_format_of :email, :with => /^([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i
+  validates_format_of :display_name, :with => /^[^\/;.,?]*$/
+
+  before_save :encrypt_password
 
   def set_defaults
     self.creation_time = Time.now
@@ -20,12 +23,8 @@ class User < ActiveRecord::Base
     self.token = User.make_token()
   end
 
-  def pass_crypt=(str) 
-    write_attribute("pass_crypt", Digest::MD5.hexdigest(str)) 
-  end
-
-  def pass_crypt_confirmation=(str) 
-    write_attribute("pass_crypt_confirm", Digest::MD5.hexdigest(str)) 
+  def encrypt_password
+    self.pass_crypt = Digest::MD5.hexdigest(pass_crypt) unless pass_crypt_confirmation.nil?
   end
 
   def self.authenticate(email, passwd)