diff options
Diffstat (limited to 'application/modules/user/controllers')
| -rw-r--r-- | application/modules/user/controllers/PersonController.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/application/modules/user/controllers/PersonController.php b/application/modules/user/controllers/PersonController.php index c51a297..4a68985 100644 --- a/application/modules/user/controllers/PersonController.php +++ b/application/modules/user/controllers/PersonController.php @@ -151,7 +151,7 @@ class user_PersonController extends Zend_Controller_Action if(!Pbs_Acl::checkRight('peod')) { $this->_redirect('/user'); } - if($this->person->getID() == $this->_request->getParam('personID')) { + if($this->person->getID() != $this->_request->getParam('personID')) { if(!Pbs_Acl::checkRight('peoa')) { $this->_redirect('/user'); } @@ -171,6 +171,7 @@ class user_PersonController extends Zend_Controller_Action if($_POST['newpassword'] != '') { $person->setPassword($_POST['newpassword']); $person->setPasswordSalt(MD5(microtime(true))); + $person->setLoginPassword(crypt($person->getPassword(), '$6$'.randomString(8).'$')); $person->setPassword(MD5($person->getPassword() . $person->getPasswordSalt())); } try { @@ -188,6 +189,7 @@ class user_PersonController extends Zend_Controller_Action if($_POST['newpassword'] != '') { $this->person->setPassword($_POST['newpassword']); $this->person->setPasswordSalt(MD5(microtime(true))); + $this->person->setLoginPassword(crypt($person->getPassword(), '$6$'.randomString(8).'$')); $this->person->setPassword(MD5($this->person->getPassword() . $this->person->getPasswordSalt())); } try { |