wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

check for old password when changing passwords

Browse source
This commit is contained in:
Robin Appelman 2011-09-25 01:01:39 +02:00
parent ae4c83af91
commit 09092dd2d2
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
settings/ajax/changepassword.php
View file

@ -10,7 +10,7 @@ $username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
$password = $_POST["password"];
// Check if we are a user
if( !OC_User::isLoggedIn() || (!OC_Group::inGroup( OC_User::getUser(), 'admin' )&& $username!=OC_User::getUser())) {
if( !OC_User::isLoggedIn() || (!OC_Group::inGroup( OC_User::getUser(), 'admin' ) && ($username!=OC_User::getUser() || !OC_User::checkPassword($username,$password)))) {
echo json_encode( array( "status" => "error", "data" => array( "message" => "Authentication error" )));
exit();
}