summaryrefslogtreecommitdiff
path: root/plugins/sasl_password
diff options
context:
space:
mode:
authoralecpl <alec@alec.pl>2009-05-16 13:01:49 +0000
committeralecpl <alec@alec.pl>2009-05-16 13:01:49 +0000
commit2471d3a979d00e0cecca64e0d5889ca40c02c5fe (patch)
tree80a707b81bfba636d004107f5c04a59a3a0eebf7 /plugins/sasl_password
parent34ee9e7498f84394bfc7d5a4a845720aed8e0b2f (diff)
- Added possibility to encrypt received header, option 'http_received_header_encrypt',
added some more logic in encrypt/decrypt functions for security
Diffstat (limited to 'plugins/sasl_password')
-rw-r--r--plugins/sasl_password/sasl_password.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/plugins/sasl_password/sasl_password.php b/plugins/sasl_password/sasl_password.php
index 3a23557e9..ed1624e71 100644
--- a/plugins/sasl_password/sasl_password.php
+++ b/plugins/sasl_password/sasl_password.php
@@ -51,12 +51,12 @@ class sasl_password extends rcube_plugin
$curpwd = get_input_value('_curpasswd', RCUBE_INPUT_POST);
$newpwd = get_input_value('_newpasswd', RCUBE_INPUT_POST);
- if ($_SESSION['password'] != $rcmail->encrypt_passwd($curpwd)) {
+ if ($rcmail->decrypt($_SESSION['password']) != $curpwd) {
$rcmail->output->command('display_message', $this->gettext('passwordincorrect'), 'error');
}
else if ($this->_save($newpwd)) {
$rcmail->output->command('display_message', $this->gettext('successfullysaved'), 'confirmation');
- $_SESSION['password'] = $rcmail->encrypt_passwd($newpwd);
+ $_SESSION['password'] = $rcmail->encrypt($newpwd);
}
else {
$rcmail->output->command('display_message', $this->gettext('errorsaving'), 'error');