From b5a9068479a38c2b901b1954a57c51f43e84be2d Mon Sep 17 00:00:00 2001
From: Mark Wells <mark@freeside.biz>
Date: Thu, 12 Nov 2015 16:49:39 -0800
Subject: limit password reuse, core and svc_acct, #29354

---
 httemplate/misc/process/change-password.html | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'httemplate/misc/process')

diff --git a/httemplate/misc/process/change-password.html b/httemplate/misc/process/change-password.html
index 7cab9c4e3..d58ce544d 100644
--- a/httemplate/misc/process/change-password.html
+++ b/httemplate/misc/process/change-password.html
@@ -11,7 +11,9 @@ die "access denied" unless (
   ( $curuser->access_right('Edit password') and 
     ! $part_svc->restrict_edit_password )
   );
-my $error = $svc_acct->set_password($cgi->param('password'))
+my $newpass = $cgi->param('password');
+my $error = $svc_acct->is_password_allowed($newpass)
+        ||  $svc_acct->set_password($newpass)
         ||  $svc_acct->replace;
 
 # annoyingly specific to view/svc_acct.cgi, for now...
-- 
cgit v1.2.1