diff options
author | Ivan Kohler <ivan@freeside.biz> | 2014-05-07 02:05:39 -0700 |
---|---|---|
committer | Ivan Kohler <ivan@freeside.biz> | 2014-05-07 02:05:39 -0700 |
commit | 204902c9dd654a2bc0e7400b057bcd8c4a60ab54 (patch) | |
tree | ac8023c55cfd233d6fe6295cb9cb456dcebc11ca /FS/FS/ClientAPI | |
parent | dfc390ed3e27de2f1ec26edf9c07f5d3bd8a6049 (diff) |
check old_password if passed to self-service API, require with config setting, RT#29015
Diffstat (limited to 'FS/FS/ClientAPI')
-rw-r--r-- | FS/FS/ClientAPI/MyAccount.pm | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/FS/FS/ClientAPI/MyAccount.pm b/FS/FS/ClientAPI/MyAccount.pm index 5b590da2b..47f3bd88e 100644 --- a/FS/FS/ClientAPI/MyAccount.pm +++ b/FS/FS/ClientAPI/MyAccount.pm @@ -2856,6 +2856,13 @@ sub myaccount_passwd { my $error = ''; my $conf = new FS::Conf; + + return { 'error' => 'Incorrect current password.' } + if ( exists($p->{'old_password'}) + || $conf->exists('selfservice-password_change_oldpass') + ) + && ! $svc_acct->check_password($p->{'old_password'}); + $error = 'Password too short.' if length($p->{'new_password'}) < ($conf->config('passwordmin') || 6); $error = 'Password too long.' |