aboutsummaryrefslogtreecommitdiffstats
path: root/settings/ajax/changepassword.php
diff options
context:
space:
mode:
authorRobin Appelman <icewind1991@gmail.com>2011-08-30 22:03:17 +0200
committerRobin Appelman <icewind1991@gmail.com>2011-08-30 22:03:17 +0200
commit9411d8bb082344fcabc02eb2afca499cd944e0b2 (patch)
tree3c73e8e9b3e7c5d4c7b258259f072d57125a778a /settings/ajax/changepassword.php
parente89a4b3a0d3d736abccfc3c7e6e1855ea4637580 (diff)
downloadnextcloud-server-9411d8bb082344fcabc02eb2afca499cd944e0b2.tar.gz
nextcloud-server-9411d8bb082344fcabc02eb2afca499cd944e0b2.zip
fixed users not being able to change their password
Diffstat (limited to 'settings/ajax/changepassword.php')
-rw-r--r--settings/ajax/changepassword.php8
1 files changed, 4 insertions, 4 deletions
diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php
index e7e67115dda..c5cdbcef056 100644
--- a/settings/ajax/changepassword.php
+++ b/settings/ajax/changepassword.php
@@ -6,15 +6,15 @@ require_once('../../lib/base.php');
// We send json data
header( "Content-Type: application/jsonrequest" );
+$username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
+$password = $_POST["password"];
+
// Check if we are a user
-if( !OC_User::isLoggedIn() || !OC_Group::inGroup( OC_User::getUser(), 'admin' )){
+if( !OC_User::isLoggedIn() || (!OC_Group::inGroup( OC_User::getUser(), 'admin' )&& $username!=OC_User::getUser())) {
echo json_encode( array( "status" => "error", "data" => array( "message" => "Authentication error" )));
exit();
}
-$username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
-$password = $_POST["password"];
-
// Return Success story
if( OC_User::setPassword( $username, $password )){
echo json_encode( array( "status" => "success", "data" => array( "username" => $username )));