SF.net SVN: postfixadmin: [270] trunk/users/password.php

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Revision: 270
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=270&view=rev
Author:   GingerDog
Date:     2007-12-16 23:01:50 -0800 (Sun, 16 Dec 2007)

Log Message:
-----------
users/password.php: add password length checking (thought I had already committed this!) (cboltz: what is the right string to use in the error message?)

Modified Paths:
--------------
    trunk/users/password.php

Modified: trunk/users/password.php
===================================================================

--- trunk/users/password.php	2007-12-16 00:05:50 UTC (rev 269)
+++ trunk/users/password.php	2007-12-17 07:01:50 UTC (rev 270)
@@ -46,13 +46,17 @@
     $fPassword = escape_string ($_POST['fPassword']);
     $fPassword2 = escape_string ($_POST['fPassword2']);
 
+    if(strlen($fPassword) < $CONF['min_password_length']) {
+        $error = 1;
+        flash_error($PALANG['pPassword_password_too_short_error'];
+    }
     $username = $USERID_USERNAME;
 
     $result = db_query ("SELECT * FROM $table_mailbox WHERE username='$username'");
     if ($result['rows'] == 1)
     {
         $row = db_array ($result['result']);
-        $checked_password = pacrypt ($fPassword_current, $row['password']);
+        $checked_password = pacrypt($fPassword_current, $row['password']);
 
         $result = db_query ("SELECT * FROM $table_mailbox WHERE username='$username' AND password='$checked_password'");      
         if ($result['rows'] != 1)


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


