From 64d6246a5ac3699e4455c36a2ccdf2c8b275e114 Mon Sep 17 00:00:00 2001 From: Franco Fichtner Date: Fri, 26 Jun 2015 11:59:53 +0200 Subject: [PATCH] users: prompt for old password to avoid account hijacking --- src/www/system_usermanager_passwordmg.php | 24 +++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/src/www/system_usermanager_passwordmg.php b/src/www/system_usermanager_passwordmg.php index aefb4b373..de5ab28ae 100644 --- a/src/www/system_usermanager_passwordmg.php +++ b/src/www/system_usermanager_passwordmg.php @@ -32,22 +32,24 @@ require_once("guiconfig.inc"); $pgtitle = array(gettext("System"),gettext("User Password")); +if (session_status() == PHP_SESSION_NONE) { + session_start(); +} + if (isset($_POST['save'])) { unset($input_errors); /* input validation */ - $reqdfields = explode(" ", "passwordfld1"); + $reqdfields = explode(" ", "passwordfld0 passwordfld1 passwordfld2"); $reqdfieldsn = array(gettext("Password")); do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); - if ($_POST['passwordfld1'] != $_POST['passwordfld2']) { + if ($_POST['passwordfld1'] != $_POST['passwordfld2'] || + $config['system']['user'][$userindex[$_SESSION['Username']]]['password'] != crypt($_POST['passwordfld0'], '$6$')) { $input_errors[] = gettext("The passwords do not match."); } if (!$input_errors) { - if (session_status() == PHP_SESSION_NONE) { - session_start(); - } // all values are okay --> saving changes $config['system']['user'][$userindex[$_SESSION['Username']]]['password'] = crypt($_POST['passwordfld1'], '$6$'); local_user_set($config['system']['user'][$userindex[$_SESSION['Username']]]); @@ -59,10 +61,6 @@ if (isset($_POST['save'])) { } } -if (session_status() == PHP_SESSION_NONE) { - session_start(); -} - /* determine if user is not local to system */ $islocal = false; foreach ($config['system']['user'] as $user) { @@ -118,7 +116,13 @@ include("head.inc"); - + + + + + + +