diff --git a/src/socket.io/user.js b/src/socket.io/user.js index a23b3f77c5..c68bab4841 100644 --- a/src/socket.io/user.js +++ b/src/socket.io/user.js @@ -78,19 +78,19 @@ SocketUser.reset = {}; SocketUser.reset.send = function(socket, email, callback) { if (email) { - user.reset.send(socket, email, callback); + user.reset.send(email, callback); } }; SocketUser.reset.valid = function(socket, code, callback) { if (code) { - user.reset.validate(socket, code, callback); + user.reset.validate(code, callback); } }; SocketUser.reset.commit = function(socket, data, callback) { if(data && data.code && data.password) { - user.reset.commit(socket, data.code, data.password, callback); + user.reset.commit(data.code, data.password, callback); } }; @@ -112,26 +112,30 @@ SocketUser.checkStatus = function(socket, uid, callback) { }; SocketUser.changePassword = function(socket, data, callback) { - if(data) { + if (data && socket.uid) { user.changePassword(socket.uid, data, callback); } }; SocketUser.updateProfile = function(socket, data, callback) { - if(!data || !data.uid) { + if (!socket.uid) { + return callback('[[error:invalid-uid]]'); + } + + if (!data || !data.uid) { return callback(new Error('[[error:invalid-data]]')); } - if(socket.uid === parseInt(data.uid, 10)) { + if (socket.uid === parseInt(data.uid, 10)) { return user.updateProfile(socket.uid, data, callback); } user.isAdministrator(socket.uid, function(err, isAdmin) { - if(err) { + if (err) { return callback(err); } - if(!isAdmin) { + if (!isAdmin) { return callback(new Error('[[error:no-privileges]]')); } @@ -140,7 +144,11 @@ SocketUser.updateProfile = function(socket, data, callback) { }; SocketUser.changePicture = function(socket, data, callback) { - if(!data) { + if (!socket.uid) { + return callback('[[error:invalid-uid]]'); + } + + if (!data) { return callback(new Error('[[error:invalid-data]]')); } @@ -305,10 +313,16 @@ SocketUser.getOnlineAnonCount = function(socket, data, callback) { }; SocketUser.getUnreadCount = function(socket, data, callback) { + if (!socket.uid) { + return callback(null, 0); + } topics.getTotalUnread(socket.uid, callback); }; SocketUser.getUnreadChatCount = function(socket, data, callback) { + if (!socket.uid) { + return callback(null, 0); + } messaging.getUnreadCount(socket.uid, callback); }; diff --git a/src/user/profile.js b/src/user/profile.js index 19b5441e0a..b64398413c 100644 --- a/src/user/profile.js +++ b/src/user/profile.js @@ -223,7 +223,7 @@ module.exports = function(User) { } User.changePassword = function(uid, data, callback) { - if(!data || !data.uid) { + if (!uid || !data || !data.uid) { return callback(new Error('[[error:invalid-uid]]')); } diff --git a/src/user/reset.js b/src/user/reset.js index 2b101e8c27..2e1a7ab80e 100644 --- a/src/user/reset.js +++ b/src/user/reset.js @@ -11,12 +11,11 @@ var async = require('async'), db = require('../database'), meta = require('../meta'), events = require('../events'), - emailer = require('../emailer'), - tran; + emailer = require('../emailer'); (function(UserReset) { - UserReset.validate = function(socket, code, callback) { + UserReset.validate = function(code, callback) { db.getObjectField('reset:uid', code, function(err, uid) { if (err || !uid) { return callback(err, false); @@ -39,7 +38,7 @@ var async = require('async'), }); }; - UserReset.send = function(socket, email, callback) { + UserReset.send = function(email, callback) { user.getUidByEmail(email, function(err, uid) { if (err || !uid) { return callback(err || new Error('[[error:invalid-email]]')); @@ -64,8 +63,8 @@ var async = require('async'), }); }; - UserReset.commit = function(socket, code, password, callback) { - UserReset.validate(socket, code, function(err, validated) { + UserReset.commit = function(code, password, callback) { + UserReset.validate(code, function(err, validated) { if(err) { return callback(err); }