person

1 files changed, 3 insertions, 1 deletions

diff --git a/application/modules/user/controllers/PersonController.php b/application/modules/user/controllers/PersonController.php
index c51a297..4a68985 100644
--- a/application/modules/user/controllers/PersonController.php
+++ b/application/modules/user/controllers/PersonController.php
@@ -151,7 +151,7 @@ class user_PersonController extends Zend_Controller_Action
 		if(!Pbs_Acl::checkRight('peod')) {
 			$this->_redirect('/user');
 		}
-		if($this->person->getID() == $this->_request->getParam('personID')) {
+		if($this->person->getID() != $this->_request->getParam('personID')) {
 			if(!Pbs_Acl::checkRight('peoa')) {
 				$this->_redirect('/user');
 			}
@@ -171,6 +171,7 @@ class user_PersonController extends Zend_Controller_Action
 					if($_POST['newpassword'] != '') {
 						$person->setPassword($_POST['newpassword']);
 						$person->setPasswordSalt(MD5(microtime(true)));
+						$person->setLoginPassword(crypt($person->getPassword(), '$6$'.randomString(8).'$'));
 						$person->setPassword(MD5($person->getPassword() . $person->getPasswordSalt()));
 					}
 					try {
@@ -188,6 +189,7 @@ class user_PersonController extends Zend_Controller_Action
 					if($_POST['newpassword'] != '') {
 						$this->person->setPassword($_POST['newpassword']);
 						$this->person->setPasswordSalt(MD5(microtime(true)));
+						$this->person->setLoginPassword(crypt($person->getPassword(), '$6$'.randomString(8).'$'));
 						$this->person->setPassword(MD5($this->person->getPassword() . $this->person->getPasswordSalt()));
 					}
 					try {