From 6f7eafce186b7310598eaa69e1f35119f2a13a7a Mon Sep 17 00:00:00 2001
From: Steffen185 <steffen.weber@gmail.com>
Date: Fri, 22 Mar 2013 15:16:45 +0100
Subject: Save new password even if it has not changed

I have recently changed the password scheme of my Dovecot/Postfix/Roundcube installation. New passwords are encrypted stronger than before. It is not possible to automatically update existing passwords (because the old encryption is not so bad that I can easily crack it). But I'd like to tell my users that they can upgrade to the new password scheme by simply submitting the "change password" form with their old password in all three input fields. Currently a minor optimization prevents this. I think this minor optimization should be removed.
---
 plugins/password/password.php | 4 ----
 1 file changed, 4 deletions(-)

(limited to 'plugins/password')

diff --git a/plugins/password/password.php b/plugins/password/password.php
index 39020a0bf..ec5bac3a9 100644
--- a/plugins/password/password.php
+++ b/plugins/password/password.php
@@ -146,10 +146,6 @@ class password extends rcube_plugin
             else if ($check_strength && (!preg_match("/[0-9]/", $newpwd) || !preg_match("/[^A-Za-z0-9]/", $newpwd))) {
                 $rcmail->output->command('display_message', $this->gettext('passwordweak'), 'error');
             }
-            // password is the same as the old one, do nothing, return success
-            else if ($sespwd == $newpwd) {
-                $rcmail->output->command('display_message', $this->gettext('successfullysaved'), 'confirmation');
-            }
             // try to save the password
             else if (!($res = $this->_save($curpwd, $newpwd))) {
                 $rcmail->output->command('display_message', $this->gettext('successfullysaved'), 'confirmation');
-- 
cgit v1.2.3