gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-03-11 16:35:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

check if the current pwd is the new pw and pwd history is > 0 (Closes #424)

Browse Source
This commit is contained in:
Uwe Steinmann 2018-11-07 21:03:30 +01:00
parent ee343cb972
commit 710fbc9b5a
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
op/op.EditUserData.php
View File

@ -58,6 +58,8 @@ if (isset($_POST["pwd"]) && ($_POST["pwd"] != "")) {
$score = $ps->get_score();
if($score > $settings->_passwordStrength) {
if($settings->_passwordHistory > 0) {
if ($current_pwd == $_POST["pwd"]) // history doesn't have the initial pw stored yet
UI::exitError(getMLText("set_password"),getMLText("password_already_used"));
$phm = new SeedDMS_PasswordHistoryManager($db);
$oldpwd = $phm->search($user, md5($_POST["pwd"]));
if($oldpwd) {