From eb56ee821f0261c0106252c561e314b753b4cbb5 Mon Sep 17 00:00:00 2001
From: Tim Almdal <tnalmdal@shaw.ca>
Date: Tue, 3 Feb 2009 00:17:40 +0000
Subject: Add a confirmation password input field that must match the primary
 password field in order for the update to succeed.  If there is no data
 entered in the primary password field, the confirmation field is ignored.

Addresses Trac Ticket #4
---
 modules/user/controllers/admin_users.php | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'modules/user/controllers/admin_users.php')

diff --git a/modules/user/controllers/admin_users.php b/modules/user/controllers/admin_users.php
index 38e68d30..496ed9ca 100644
--- a/modules/user/controllers/admin_users.php
+++ b/modules/user/controllers/admin_users.php
@@ -37,6 +37,12 @@ class Admin_Users_Controller extends Controller {
       $valid = false;
     }
 
+    if ($form->add_user->password->value &&
+        $form->add_user->password->value != $form->add_user->password2->value) {
+      $form->add_user->password2->add_error("mistyped", 1);
+      $valid = false;
+    }
+
     if ($valid) {
       $user = user::create(
         $name, $form->add_user->full_name->value, $form->add_user->password->value);
@@ -106,6 +112,12 @@ class Admin_Users_Controller extends Controller {
       }
     }
 
+    if ($form->edit_user->password->value &&
+        $form->edit_user->password->value != $form->edit_user->password2->value) {
+      $form->edit_user->password2->add_error("mistyped", 1);
+      $valid = false;
+    }
+
     if ($valid) {
       $user->name = $new_name;
       $user->full_name = $form->edit_user->full_name->value;
-- 
cgit v1.2.3