Patch for bug 123077; improve the ValidatePassword sub so that a password change...

diff --git a/globals.pl b/globals.pl
index ca20265e3b0167edb3e84621595afd6354f45b53..f76676597ef65b73af48ade21413eae9f7bff56b 100644 (file)
--- a/globals.pl
+++ b/globals.pl
@@ -856,7 +856,7 @@ sub ValidatePassword {
         return "The password is less than three characters long.  It must be at least three characters.";
     } elsif ( length($password) > 16 ) {
         return "The password is more than 16 characters long.  It must be no more than 16 characters.";
-    } elsif ( $matchpassword && $password ne $matchpassword ) { 
+    } elsif ( (defined $matchpassword) && ($password ne $matchpassword) ) { 
         return "The two passwords do not match.";
     }
 

diff --git a/userprefs.cgi b/userprefs.cgi
index 3a6a58463bdad0a8295d12eff707a5b0fa44dc6b..d105ede52910d90968eedf75ec826a0a7b49dde9 100755 (executable)
--- a/userprefs.cgi
+++ b/userprefs.cgi
@@ -108,15 +108,11 @@ sub SaveAccount {
 
         if ($pwd1 ne "" || $pwd2 ne "")
         {
-            if ($pwd1 ne $pwd2) {
-                DisplayError("The two passwords you entered did not match.");
-                exit;
-            }
             if ($::FORM{'new_password1'} eq '') {
                 DisplayError("You must enter a new password.");
                 exit;
             }
-            my $passworderror = ValidatePassword($pwd1);
+            my $passworderror = ValidatePassword($pwd1, $pwd2);
             (DisplayError($passworderror) && exit) if $passworderror;
         
             my $cryptedpassword = SqlQuote(Crypt($pwd1));