diff options
Diffstat (limited to 'settings/ajax/changepassword.php')
| -rw-r--r-- | settings/ajax/changepassword.php | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php index fe63f27a6e2..adb730e12c2 100644 --- a/settings/ajax/changepassword.php +++ b/settings/ajax/changepassword.php @@ -28,10 +28,13 @@ if(is_null($userstatus)) { exit(); } -// Return Success story -if(!is_null($password) && OC_User::setPassword( $username, $password, $recoveryPassword )) { +$util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), \OCP\User::getUser()); +if ( $recoveryPassword && ! $util->checkRecoveryPassword($recoveryPassword) ) { + OC_JSON::error(array("data" => array( "message" => "Wrong recovery admin password. Please check the password and try again." ))); +}elseif(!is_null($password) && OC_User::setPassword( $username, $password, $recoveryPassword )) { OC_JSON::success(array("data" => array( "username" => $username ))); } else{ OC_JSON::error(array("data" => array( "message" => "Unable to change password" ))); } +error_log("bliub"); |