check old password if supplied, RT#13656

author ivan <ivan>

Fri, 30 Sep 2011 05:15:32 +0000 (05:15 +0000)

committer ivan <ivan>

Fri, 30 Sep 2011 05:15:32 +0000 (05:15 +0000)
author ivan <ivan>
Fri, 30 Sep 2011 05:15:32 +0000 (05:15 +0000)
committer ivan <ivan>
Fri, 30 Sep 2011 05:15:32 +0000 (05:15 +0000)
diff --git a/FS/FS/ClientAPI/MyAccount.pm b/FS/FS/ClientAPI/MyAccount.pm

index a5f4793..16a6311 100644 (file)
--- a/FS/FS/ClientAPI/MyAccount.pm
+++ b/FS/FS/ClientAPI/MyAccount.pm
@@ -2148,6 +2148,11 @@ sub myaccount_passwd {
    } )
      or return { 'error' => "Service not found" };
  
+  if ( exists($p->{'old_password'}) ) {
+    return "Incorrect password."
+      unless $svc_acct->check_password($p->{'old_password'});
+  }
+
    $svc_acct->_password($p->{'new_password'});
    my $error = $svc_acct->replace();