Require the current password to change your password.

Fixes ticket #585. Separate out the password change form from the regular edit user form. Require the old password to enter a new one. While I'm at it, roll the password strength javascript into a Form_Script element so that we can get rid of the old view (which incidentally fixes a bug where the password strength meter would go away on form errors).
author: Bharat Mediratta <bharat@menalto.com> 2010-02-02 21:36:01 -0800
committer: Bharat Mediratta <bharat@menalto.com> 2010-02-02 21:36:01 -0800
commit: 6e1b761b12e13566875804c33efe2ae130ffa32e (patch)
tree: d16f4efd3696349f22c83e880cbd65a1754cdb56 /modules/user/helpers
parent: b351ee48fe09efd570e22a02b82174c39ad86d46 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/modules/user/helpers/user.php b/modules/user/helpers/user.php
index 3561021f..7ceca6a5 100644
--- a/modules/user/helpers/user.php
+++ b/modules/user/helpers/user.php
@@ -70,6 +70,12 @@ class user_Core {
     return false;
   }
 
+  static function valid_password($password_input) {
+    if (!user::is_correct_password(identity::active_user(), $password_input->value)) {
+      $password_input->add_error("invalid", 1);
+    }
+  }
+
   /**
    * Create the hashed passwords.
    * @param string $password a plaintext password
author	Bharat Mediratta <bharat@menalto.com>	2010-02-02 21:36:01 -0800
committer	Bharat Mediratta <bharat@menalto.com>	2010-02-02 21:36:01 -0800
commit	6e1b761b12e13566875804c33efe2ae130ffa32e (patch)
tree	d16f4efd3696349f22c83e880cbd65a1754cdb56 /modules/user/helpers
parent	b351ee48fe09efd570e22a02b82174c39ad86d46 (diff)