add notifications for mail and password changes

update and shorten some other message templates

classes/digest.php

@@ -103,9 +103,11 @@ class Digest
 
 		$tpl->setVariable('CUR_DATE', date('Y/m/d', $local_ts));
 		$tpl->setVariable('CUR_TIME', date('G:i', $local_ts));
+		$tpl->setVariable('TTRSS_HOST', SELF_URL_PATH);
 
 		$tpl_t->setVariable('CUR_DATE', date('Y/m/d', $local_ts));
 		$tpl_t->setVariable('CUR_TIME', date('G:i', $local_ts));
+		$tpl_t->setVariable('TTRSS_HOST', SELF_URL_PATH);
 
 		$affected_ids = array();
 

classes/handler/public.php

@@ -996,6 +996,7 @@ class Handler_Public extends Handler {
 
 						$tpl->setVariable('LOGIN', $login);
 						$tpl->setVariable('RESETPASS_LINK', $resetpass_link);
+						$tpl->setVariable('TTRSS_HOST', SELF_URL_PATH);
 
 						$tpl->addBlock('message');
 

classes/pref/prefs.php

@@ -122,6 +122,11 @@ class Pref_Prefs extends Handler_Protected {
 		$new_pw = clean($_POST["new_password"]);
 		$con_pw = clean($_POST["confirm_password"]);
 
+		if ($old_pw == $new_pw) {
+			print "ERROR: ".format_error("New password must be different from the old one.");
+			return;
+		}
+
 		if ($old_pw == "") {
 			print "ERROR: ".format_error("Old password cannot be blank.");
 			return;
@@ -194,6 +199,37 @@ class Pref_Prefs extends Handler_Protected {
 		$full_name = clean($_POST["full_name"]);
 		$active_uid = $_SESSION["uid"];
 
+		$sth = $this->pdo->prepare("SELECT email, login, full_name FROM ttrss_users WHERE id = ?");
+		$sth->execute([$active_uid]);
+
+		if ($row = $sth->fetch()) {
+			$old_email = $row["email"];
+
+			if ($old_email != $email) {
+				$mailer = new Mailer();
+
+				require_once "lib/MiniTemplator.class.php";
+
+				$tpl = new MiniTemplator;
+
+				$tpl->readTemplateFromFile("templates/mail_change_template.txt");
+
+				$tpl->setVariable('LOGIN', $row["login"]);
+				$tpl->setVariable('NEWMAIL', $email);
+				$tpl->setVariable('TTRSS_HOST', SELF_URL_PATH);
+
+				$tpl->addBlock('message');
+
+				$tpl->generateOutputToString($message);
+
+				$mailer->mail(["to_name" => $row["login"],
+					"to_address" => $row["email"],
+					"subject" => "[tt-rss] Mail address change notification",
+					"message" => $message]);
+
+			}
+		}
+
 		$sth = $this->pdo->prepare("UPDATE ttrss_users SET email = ?,
 			full_name = ? WHERE id = ?");
 		$sth->execute([$email, $full_name, $active_uid]);

plugins/auth_internal/init.php

@@ -211,6 +211,32 @@ class Auth_Internal extends Plugin implements IAuthModule {
 
 			$_SESSION["pwd_hash"] = $new_password_hash;
 
+			$sth = $this->pdo->prepare("SELECT email, login FROM ttrss_users WHERE id = ?");
+			$sth->execute([$owner_uid]);
+
+			if ($row = $sth->fetch()) {
+				$mailer = new Mailer();
+
+				require_once "lib/MiniTemplator.class.php";
+
+				$tpl = new MiniTemplator;
+
+				$tpl->readTemplateFromFile("templates/password_change_template.txt");
+
+				$tpl->setVariable('LOGIN', $row["login"]);
+				$tpl->setVariable('TTRSS_HOST', SELF_URL_PATH);
+
+				$tpl->addBlock('message');
+
+				$tpl->generateOutputToString($message);
+
+				$mailer->mail(["to_name" => $row["login"],
+					"to_address" => $row["email"],
+					"subject" => "[tt-rss] Password change notification",
+					"message" => $message]);
+
+			}
+
 			return __("Password has been changed.");
 		} else {
 			return "ERROR: ".__('Old password is incorrect.');

templates/digest_template.txt

@@ -11,4 +11,5 @@ ${FEED_TITLE}
 <!-- $EndBlock feed -->
 -- 
 To unsubscribe, visit your configuration options or contact instance owner.
+Sent by tt-rss mailer daemon at ${TTRSS_HOST}.
 <!-- $EndBlock digest -->

templates/digest_template_html.txt

@@ -14,5 +14,7 @@
 <!-- $EndBlock feed -->
  
 <hr>
-<em>To unsubscribe, visit your configuration options or contact instance owner.</em>
+
+<em>To unsubscribe, visit your configuration options or contact instance owner.</em><br/>
+<em>Sent by tt-rss mailer daemon at ${TTRSS_HOST}.</em>
 <!-- $EndBlock digest -->

templates/email_article_template.txt

@@ -12,5 +12,5 @@ Thought I'd share the following with you:
 <!-- $EndBlock article -->
 
 -- 
-This message has been sent by Tiny Tiny RSS installation at ${TTRSS_HOST}.
+Sent by Tiny Tiny RSS mailer daemon at ${TTRSS_HOST}.
 <!-- $EndBlock email -->

templates/mail_change_template.txt

@@ -0,0 +1,10 @@
+<!-- $BeginBlock message -->
+Hello, ${LOGIN}.
+
+Your mail address for this Tiny Tiny RSS instance has been changed to ${NEWMAIL}.
+
+If you haven't requested this change, consider contacting your instance owner or resetting your password.
+
+-- 
+Sent by tt-rss mailer daemon at ${TTRSS_HOST}.
+<!-- $EndBlock message -->

templates/password_change_template.txt

@@ -0,0 +1,10 @@
+<!-- $BeginBlock message -->
+Hello, ${LOGIN}.
+
+Your password for this Tiny Tiny RSS instance has been changed.
+
+If you haven't requested this change, consider contacting your instance owner.
+
+-- 
+Sent by tt-rss mailer daemon at ${TTRSS_HOST}.
+<!-- $EndBlock message -->

templates/resetpass_link_template.txt

@@ -10,5 +10,6 @@ Please note that the above link will only be valid for the next 15 minutes.
 
 If you don't want to reset your password, ignore this message.
 
-Sincerely, Tiny Tiny RSS Mail Daemon.
+-- 
+Sent by tt-rss mailer daemon at ${TTRSS_HOST}.
 <!-- $EndBlock message -->

templates/resetpass_template.txt

@@ -1,9 +0,0 @@
-<!-- $BeginBlock message -->
-Hello, ${LOGIN}.
-
-Your password for this Tiny Tiny RSS installation has been reset.
-
-Your new password is ${NEWPASS}, please remember it for later reference.
-
-Sincerely, Tiny Tiny RSS Mail Daemon.
-<!-- $EndBlock message -->