Skip to content
GitLab
Commit be0fb418 authored by gloria's avatar gloria Committed by Francesc Guasch
Browse files

fix: now the form check if the current password is ok 

If a local user wants to change the password, the form doesn't check if
the password match with the current password.
parent 4aa62878
Hide whitespace changes
Inline Side-by-side
script/rvd_front
View file @ be0fb418
......@@ -1305,27 +1305,36 @@ sub user_settings {
}
$c->param('tongue' => $USER->language);
my @errors;
use Data::Dumper;
if ($c->param('button_click')) {
if (($c->param('password') eq "") || ($c->param('conf_password') eq "") || ($c->param('current_password') eq "")) {
push @errors,("Some of the password's fields are empty");
}
else {
if ($c->param('password') eq $c->param('conf_password')) {
eval {
$USER->change_password($c->param('password'));
_logged_in($c);
};
if ($@ =~ /Password too small/) {
push @errors,("Password too small")
}
else {
$changed_pass = 1;
}
}
else {
push @errors,("Password fields aren't equal")
}
}
my $auth_ok;
eval { $auth_ok = Ravada::Auth::login($USER->name, $c->param('current_password'))};
if (!$auth_ok || $@) {
push @errors, ("Current password is wrong");
}
else {
if (($c->param('password') eq "") || ($c->param('conf_password') eq "") || ($c->param('current_password') eq "")) {
push @errors,("Some of the password's fields are empty");
}
else {
if ($c->param('password') eq $c->param('conf_password')) {
eval {
$USER->change_password($c->param('password'));
_logged_in($c);
};
if ($@ =~ /Password too small/) {
push @errors,("Password too small")
}
else {
$changed_pass = 1;
}
}
else {
push @errors,("Password fields aren't equal")
}
}
}
}
$c->render(template => 'bootstrap/user_settings', changed_lang=> $changed_lang, changed_pass => $changed_pass
,errors =>\@errors);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment