projects
/
freeside.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
limit password reuse, core and svc_acct, #29354
[freeside.git]
/
httemplate
/
edit
/
process
/
svc_acct.cgi
diff --git
a/httemplate/edit/process/svc_acct.cgi
b/httemplate/edit/process/svc_acct.cgi
index
9cac2c5
..
d75ff92
100755
(executable)
--- a/
httemplate/edit/process/svc_acct.cgi
+++ b/
httemplate/edit/process/svc_acct.cgi
@@
-81,7
+81,12
@@
if ( $cgi->param('clear_password') eq '*HIDDEN*'
|| $cgi->param('clear_password') =~ /^\(.* encrypted\)$/ ) {
die "fatal: no previous account to recall hidden password from!" unless $old;
} else {
|| $cgi->param('clear_password') =~ /^\(.* encrypted\)$/ ) {
die "fatal: no previous account to recall hidden password from!" unless $old;
} else {
- $error ||= $new->set_password($cgi->param('clear_password'));
+ my $newpass = $cgi->param('clear_password');
+ if ( ! $old->check_password($newpass) ) {
+ # then the password is being changed
+ $error ||= $new->is_password_allowed($newpass)
+ || $new->set_password($newpass);
+ }
}
if ( ! $error ) {
}
if ( ! $error ) {