Skip to:
Content

BuddyPress.org

Changeset 9628


Ignore:
Timestamp:
03/20/2015 12:37:51 PM (5 years ago)
Author:
imath
Message:

In user settings, make sure current password does not match new password

When the user is changing his password, it will display an error message if the new password is the same as the current password.

Props henry.wright

Fixes #6111

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/bp-settings/bp-settings-actions.php

    r9355 r9628  
    161161        if ( !empty( $_POST['pass1'] ) && !empty( $_POST['pass2'] ) ) {
    162162
    163             // Password change attempt is successful
    164163            if ( ( $_POST['pass1'] == $_POST['pass2'] ) && !strpos( " " . $_POST['pass1'], "\\" ) ) {
    165                 $update_user->user_pass = $_POST['pass1'];
    166                 $pass_changed = true;
     164               
     165                // Password change attempt is successful
     166                if ( $_POST['pwd'] != $_POST['pass1'] ) {
     167                    $update_user->user_pass = $_POST['pass1'];
     168                    $pass_changed = true;
     169                   
     170                // The new password is the same as the current password
     171                } else {
     172                    $pass_error = 'same';
     173                }
    167174
    168175            // Password change attempt was unsuccessful
     
    236243            $feedback['pass_empty']    = __( 'One of the password fields was empty.', 'buddypress' );
    237244            break;
     245        case 'same' :
     246            $feedback['pass_same']     = __( 'The new password must be different from the current password.', 'buddypress' );
    238247        case false :
    239248            // No change
Note: See TracChangeset for help on using the changeset viewer.