From e6b8153865a521a4750ec44016c5f22f453edfe1 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Mon, 15 Oct 2012 16:50:41 +0200
Subject: Remove old password check from changepassword and use verifyUser
 instead

---
 settings/ajax/changepassword.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'settings/ajax/changepassword.php')

diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php
index 5eab751b04e..5d94497ce58 100644
--- a/settings/ajax/changepassword.php
+++ b/settings/ajax/changepassword.php
@@ -10,7 +10,6 @@ OC_JSON::verifyUser();
 
 $username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
 $password = $_POST["password"];
-$oldPassword=isset($_POST["oldpassword"])?$_POST["oldpassword"]:'';
 
 $userstatus = null;
 if(OC_Group::inGroup(OC_User::getUser(), 'admin')) {
@@ -19,7 +18,7 @@ if(OC_Group::inGroup(OC_User::getUser(), 'admin')) {
 if(OC_SubAdmin::isUserAccessible(OC_User::getUser(), $username)) {
 	$userstatus = 'subadmin';
 }
-if(OC_User::getUser() == $username && OC_User::checkPassword($username, $oldPassword)) {
+if(OC_User::getUser() == $username) {
 	$userstatus = 'user';
 }
 
-- 
cgit v1.2.3