summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--plugins/password/password.js2
-rw-r--r--plugins/password/password.php9
2 files changed, 8 insertions, 3 deletions
diff --git a/plugins/password/password.js b/plugins/password/password.js
index c3252f031..8a079de2d 100644
--- a/plugins/password/password.js
+++ b/plugins/password/password.js
@@ -25,7 +25,7 @@ if (window.rcmail) {
} else if (input_confpasswd && input_confpasswd.value=='') {
alert(rcmail.gettext('nopassword', 'password'));
input_confpasswd.focus();
- } else if ((input_newpasswd && input_confpasswd) && (input_newpasswd.value != input_confpasswd.value)) {
+ } else if (input_newpasswd && input_confpasswd && input_newpasswd.value != input_confpasswd.value) {
alert(rcmail.gettext('passwordinconsistency', 'password'));
input_newpasswd.focus();
} else {
diff --git a/plugins/password/password.php b/plugins/password/password.php
index 3a7050bdc..0a44aa997 100644
--- a/plugins/password/password.php
+++ b/plugins/password/password.php
@@ -89,8 +89,12 @@ class password extends rcube_plugin
$curpwd = get_input_value('_curpasswd', RCUBE_INPUT_POST);
$newpwd = get_input_value('_newpasswd', RCUBE_INPUT_POST);
+ $conpwd = get_input_value('_confpasswd', RCUBE_INPUT_POST);
- if ($confirm && $rcmail->decrypt($_SESSION['password']) != $curpwd) {
+ if ($conpwd != $newpwd) {
+ $rcmail->output->command('display_message', $this->gettext('passwordinconsistency'), 'error');
+ }
+ else if ($confirm && $rcmail->decrypt($_SESSION['password']) != $curpwd) {
$rcmail->output->command('display_message', $this->gettext('passwordincorrect'), 'error');
}
else if ($required_length && strlen($newpwd) < $required_length) {
@@ -103,7 +107,8 @@ class password extends rcube_plugin
else if (!($res = $this->_save($curpwd,$newpwd))) {
$rcmail->output->command('display_message', $this->gettext('successfullysaved'), 'confirmation');
$_SESSION['password'] = $rcmail->encrypt($newpwd);
- } else
+ }
+ else
$rcmail->output->command('display_message', $res, 'error');
}