Require password when changing account information

Since commits daee20c (Require current password when setting a new one, 2020-01-30) and 8fc8898 (Require password when deleting an account, 2020-01-30), changing a password and deleting an account require the current password. Extend this to all other profile changes. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
author: Lukas Fleischer <lfleischer@archlinux.org> 2020-01-30 14:00:07 +0100
committer: Lukas Fleischer <lfleischer@archlinux.org> 2020-01-30 14:05:24 +0100
commit: def2787b45275de2b8dfab0ece87f35ea280567b (patch)
tree: fd04ae7c32892203e3712245a11225c99a2f9365 /web/html/account.php
parent: 8fc8898fef39af20a24c9928464fd8420481d819 (diff)
download: aur-def2787b45275de2b8dfab0ece87f35ea280567b.tar.gz
aur-def2787b45275de2b8dfab0ece87f35ea280567b.tar.xz
1 files changed, 3 insertions, 2 deletions
diff --git a/web/html/account.php b/web/html/account.php
index 03af8d43..ff9aba5b 100644
--- a/web/html/account.php
+++ b/web/html/account.php
@@ -34,7 +34,6 @@ if ($action == "UpdateAccount") {
 			in_request("S"),
 			in_request("E"),
 			in_request("H"),
-			in_request("PO"),
 			in_request("P"),
 			in_request("C"),
 			in_request("R"),
@@ -49,7 +48,9 @@ if ($action == "UpdateAccount") {
 			in_request("UN"),
 			in_request("ON"),
 			in_request("ID"),
-			$row["Username"]);
+			$row["Username"],
+			in_request("passwd")
+		);
 	}
 }
author	Lukas Fleischer <lfleischer@archlinux.org>	2020-01-30 14:00:07 +0100
committer	Lukas Fleischer <lfleischer@archlinux.org>	2020-01-30 14:05:24 +0100
commit	def2787b45275de2b8dfab0ece87f35ea280567b (patch)
tree	fd04ae7c32892203e3712245a11225c99a2f9365 /web/html/account.php
parent	8fc8898fef39af20a24c9928464fd8420481d819 (diff)
download	aur-def2787b45275de2b8dfab0ece87f35ea280567b.tar.gz aur-def2787b45275de2b8dfab0ece87f35ea280567b.tar.xz