some error handling in case the recovery password is wrong

author: Björn Schießle <schiessle@owncloud.com> 2013-05-16 15:19:53 +0200
committer: Björn Schießle <schiessle@owncloud.com> 2013-05-16 15:19:53 +0200
commit: 8ae30891b3cd5781741ce797b0ff99d68eab7c8d (patch)
tree: be4dbe155cfa990111971c84b873c84ba1e04bf0 /settings/ajax
parent: 9d1e60325c6f478484ff8f70ff3cd13d9d7d4913 (diff)
download: nextcloud-server-8ae30891b3cd5781741ce797b0ff99d68eab7c8d.tar.gz
nextcloud-server-8ae30891b3cd5781741ce797b0ff99d68eab7c8d.zip
1 files changed, 5 insertions, 2 deletions
diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php
index fe63f27a6e2..adb730e12c2 100644
--- a/settings/ajax/changepassword.php
+++ b/settings/ajax/changepassword.php
@@ -28,10 +28,13 @@ if(is_null($userstatus)) {
 	exit();
 }
 
-// Return Success story
-if(!is_null($password) && OC_User::setPassword( $username, $password, $recoveryPassword )) {
+$util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), \OCP\User::getUser());
+if ( $recoveryPassword && ! $util->checkRecoveryPassword($recoveryPassword) ) {
+	OC_JSON::error(array("data" => array( "message" => "Wrong recovery admin password. Please check the password and try again." )));
+}elseif(!is_null($password) && OC_User::setPassword( $username, $password, $recoveryPassword )) {
 	OC_JSON::success(array("data" => array( "username" => $username )));
 }
 else{
 	OC_JSON::error(array("data" => array( "message" => "Unable to change password" )));
 }
+error_log("bliub");
author	Björn Schießle <schiessle@owncloud.com>	2013-05-16 15:19:53 +0200
committer	Björn Schießle <schiessle@owncloud.com>	2013-05-16 15:19:53 +0200
commit	8ae30891b3cd5781741ce797b0ff99d68eab7c8d (patch)
tree	be4dbe155cfa990111971c84b873c84ba1e04bf0 /settings/ajax
parent	9d1e60325c6f478484ff8f70ff3cd13d9d7d4913 (diff)
download	nextcloud-server-8ae30891b3cd5781741ce797b0ff99d68eab7c8d.tar.gz nextcloud-server-8ae30891b3cd5781741ce797b0ff99d68eab7c8d.zip