]> jfr.im git - irc/unrealircd/unrealircd-webpanel.git/blobdiff - settings/user-edit.php
projects / irc / unrealircd / unrealircd-webpanel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security: check passwords against Have I Been Pwned
[irc/unrealircd/unrealircd-webpanel.git] / settings / user-edit.php
diff --git a/settings/user-edit.php b/settings/user-edit.php
index 69b52c18cc2901e1f02247cd27adda7523771f5f..4c77f6a118fa3d513485aac8267af392aa5acfe9 100644 (file)
--- a/settings/user-edit.php
+++ b/settings/user-edit.php
@@ -19,6 +19,7 @@ if ($postbutton && isset($_POST['user_role']) && $caneditpermissions)
     if ($_POST['user_role'] != $edit_user->user_meta['role'])
     {
         $edit_user->add_meta("role", $_POST['user_role']);
+        $edit_user->delete_meta("permissions");
         Message::Success("Updated the role of $edit_user->username");
     }
 }
@@ -43,6 +44,8 @@ if ($postbutton && $can_edit_profile)
     elseif ($array['update_pass'] == $array['update_pass_conf'])
     {
         $array['update_pass_conf'] = PanelUser::password_hash($array['update_pass_conf']);
+        $edit_user->delete_meta("hibp");
+        $edit_user->HIBP(sha1($array['update_pass']));
         unset($array['update_pass']);
     }
     else
Unnamed repository; edit this file 'description' to name the repository.