From ebd9adca69d6e26f3c237c3e95a6995e88d2b64e Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 8 Jul 2008 00:12:10 -0400 Subject: [PATCH] ignore old password if no old password darcs-hash:20080708041210-84dde-71118bdd00ace64af0aee5033bff69e638a1463c.gz --- actions/password.php | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/actions/password.php b/actions/password.php index 9573f4940f..ed3f2ada0d 100644 --- a/actions/password.php +++ b/actions/password.php @@ -28,12 +28,16 @@ class PasswordAction extends SettingsAction { } function show_form($msg=NULL, $success=false) { + $user = common_current_user(); $this->form_header(_t('Change password'), $msg, $success); common_element_start('form', array('method' => 'post', 'id' => 'password', 'action' => common_local_url('password'))); - common_password('oldpassword', _t('Old password')); + # Users who logged in with OpenID won't have a pwd + if ($user->password) { + common_password('oldpassword', _t('Old password')); + } common_password('newpassword', _t('New password'), _t('6 or more characters')); common_password('confirm', _t('Confirm'), @@ -50,7 +54,6 @@ class PasswordAction extends SettingsAction { # FIXME: scrub input - $oldpassword = $this->arg('oldpassword'); $newpassword = $this->arg('newpassword'); $confirm = $this->arg('confirm'); @@ -59,9 +62,13 @@ class PasswordAction extends SettingsAction { return; } - if (!common_check_user($user->nickname, $oldpassword)) { - $this->show_form(_t('Incorrect old password')); - return; + if ($user->password) { + $oldpassword = $this->arg('oldpassword'); + + if (!common_check_user($user->nickname, $oldpassword)) { + $this->show_form(_t('Incorrect old password')); + return; + } } $original = clone($user);