[Rt-commit] rt branch, 3.8-trunk, updated. rt-3.8.7-134-g729ba90

sartak at bestpractical.com sartak at bestpractical.com
Wed Feb 3 22:28:53 EST 2010 

The branch, 3.8-trunk has been updated
       via  729ba900e405db476f24b16b5b4132a5b3326190 (commit)
      from  227243811f07592f3be50ef75d76690016360f05 (commit)

Summary of changes:
 share/html/SelfService/Prefs.html |   45 ++++++++++++++++++++++++++++++++-----
 1 files changed, 39 insertions(+), 6 deletions(-)

- Log -----------------------------------------------------------------
commit 729ba900e405db476f24b16b5b4132a5b3326190
Author: Shawn M Moore <sartak at bestpractical.com>
Date:   Wed Feb 3 22:14:29 2010 -0500

    Require current password in self-service prefs

diff --git a/share/html/SelfService/Prefs.html b/share/html/SelfService/Prefs.html
index dabab79..7e7ba51 100755
--- a/share/html/SelfService/Prefs.html
+++ b/share/html/SelfService/Prefs.html
@@ -52,8 +52,34 @@
 
 % unless (RT->Config->Get('WebExternalAuth') and !RT->Config->Get('WebFallbackToInternalAuth')) {
 <&| /Widgets/TitleBox, title => loc('Change password')  &>
-<&|/l&>New password</&>: <input type="password" name="NewPass1" size="16" autocomplete="off" />
-<&|/l&>Confirm</&>: <input type="password" name="NewPass2" size="16" autocomplete="off" />
+<table>
+<tr>
+<td>
+<&|/l&>Your current password</&>:
+</td>
+<td>
+<input type="password" name="CurrentPass" size="16" autocomplete="off" />
+</td>
+</tr>
+
+<tr>
+<td>
+<&|/l&>New password</&>:
+</td>
+<td>
+<input type="password" name="NewPass1" size="16" autocomplete="off" />
+</td>
+</tr>
+
+<tr>
+<td>
+<&|/l&>Confirm</&>:
+</td>
+<td>
+<input type="password" name="NewPass2" size="16" autocomplete="off" />
+</td>
+</tr>
+</table>
 </&>
 <br />
 % }
@@ -65,12 +91,18 @@
 my @results;
 
 if ($NewPass1) {
-    if ($NewPass1 ne $NewPass2) {
-	push (@results, "Passwords did not match.");
+    if (!$CurrentPass) {
+        push @results, loc("Please specify your current password.");
+    }
+    elsif (!$session{'CurrentUser'}->UserObj->IsPassword($CurrentPass)) {
+        push @results, loc("Please specify your current password correctly.");
+    }
+    elsif ($NewPass1 ne $NewPass2) {
+        push (@results, "Passwords did not match.");
     }	
     else {
-	my ($val, $msg)=$session{'CurrentUser'}->UserObj->SetPassword($NewPass1);
-	push (@results, "Password: ".$msg);
+        my ($val, $msg)=$session{'CurrentUser'}->UserObj->SetPassword($NewPass1);
+        push (@results, "Password: ".$msg);
     }	
 }
 if ($Signature) {
@@ -87,6 +119,7 @@ $session{'i'}++;
 
 <%ARGS>
 $Signature => undef
+$CurrentPass => undef
 $NewPass1 => undef
 $NewPass2 => undef
 </%ARGS>

-----------------------------------------------------------------------

More information about the Rt-commit mailing list