RT#29354: Password Security in Email [customer fields, images, js files]

[freeside.git] / fs_selfservice / FS-SelfService / cgi / change_password.html

diff --git a/fs_selfservice/FS-SelfService/cgi/change_password.html b/fs_selfservice/FS-SelfService/cgi/change_password.html
index 68b6fd8..879faf2 100644 (file)
--- a/fs_selfservice/FS-SelfService/cgi/change_password.html
+++ b/fs_selfservice/FS-SelfService/cgi/change_password.html
@@ -1,4 +1,3 @@
-<%= $url = "$selfurl?session=$session_id;action="; ''; %>
 <%= include('header', 'Change password') %>
 
 <%= if ( $error ) {
@@ -6,7 +5,6 @@
 } ''; %>
 
 <FORM ACTION="<%= $selfurl %>" METHOD="POST">
-<INPUT TYPE="hidden" NAME="session" VALUE="<%= $session_id %>">
 <INPUT TYPE="hidden" NAME="action" VALUE="process_change_password">
 
 <TABLE BGCOLOR="#cccccc">
@@ -14,7 +12,7 @@
   <TR>
     <TH ALIGN="right">Change password for account: </TH>
     <TD>
-      <SELECT NAME="svcnum">
+      <SELECT ID="new_password_svcnum" NAME="svcnum">
         <%= foreach my $svc ( @svcs ) {
               $OUT .= '<OPTION VALUE="'. $svc->{'svcnum'}. '"'.
                         ( $svc->{'svcnum'} eq $svcnum ? ' SELECTED' : '' ). '>'.
@@ -27,7 +25,15 @@
 
   <TR>
     <TH ALIGN="right">New password: </TH>
-    <TD><INPUT TYPE="password" NAME="new_password" SIZE="18"></TD>
+    <TD>
+      <INPUT ID="new_password" TYPE="password" NAME="new_password" SIZE="18">
+      <DIV ID="new_password_result"></DIV>
+      <SCRIPT SRC="send_xmlhttp.js"></SCRIPT>
+      <SCRIPT SRC="add_password_validation.js"></SCRIPT>
+      <SCRIPT>
+      add_password_validation('new_password');
+      </SCRIPT>
+    </TD>
   </TR>
 
   <TR>