diff options
| author | Lukas Fleischer <lfleischer@archlinux.org> | 2020-01-30 14:00:07 +0100 |
|---|---|---|
| committer | Lukas Fleischer <lfleischer@archlinux.org> | 2020-01-30 14:05:24 +0100 |
| commit | def2787b45275de2b8dfab0ece87f35ea280567b (patch) | |
| tree | fd04ae7c32892203e3712245a11225c99a2f9365 /web/template/account_edit_form.php | |
| parent | 8fc8898fef39af20a24c9928464fd8420481d819 (diff) | |
| download | aur-def2787b45275de2b8dfab0ece87f35ea280567b.tar.gz aur-def2787b45275de2b8dfab0ece87f35ea280567b.tar.xz | |
Require password when changing account information
Since commits daee20c (Require current password when setting a new one,
2020-01-30) and 8fc8898 (Require password when deleting an account,
2020-01-30), changing a password and deleting an account require the
current password. Extend this to all other profile changes.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Diffstat (limited to 'web/template/account_edit_form.php')
| -rw-r--r-- | web/template/account_edit_form.php | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/web/template/account_edit_form.php b/web/template/account_edit_form.php index 7bd233a8..09d65c0f 100644 --- a/web/template/account_edit_form.php +++ b/web/template/account_edit_form.php @@ -140,12 +140,7 @@ <?php if ($A == "UpdateAccount"): ?> <fieldset> - <legend><?= __("If you want to change the password, enter your current passport, the new password and confirm the new password by entering it again.") ?></legend> - <p> - <label for="id_passwd_old"><?= __("Your current password") ?>:</label> - <input type="password" size="30" name="PO" id="id_passwd_old" value="<?= $PO ?>" /> - </p> - + <legend><?= __("If you want to change the password, enter a new password and confirm the new password by entering it again.") ?></legend> <p> <label for="id_passwd1"><?= __("Password") ?>:</label> <input type="password" size="30" name="P" id="id_passwd1" value="<?= $P ?>" /> @@ -182,16 +177,22 @@ </p> </fieldset> - <?php if ($A != "UpdateAccount"): ?> <fieldset> + <?php if ($A == "UpdateAccount"): ?> + <legend><?= __("To confirm the profile changes, please enter your current password:") ?></legend> + <p> + <label for="id_passwd_current"><?= __("Your current password") ?>:</label> + <input type="password" size="30" name="passwd" id="id_passwd_current" value="" /> + </p> + <?php else: ?> <legend><?= __("To protect the AUR against automated account creation, we kindly ask you to provide the output of the following command:") ?> <code><?= htmlspecialchars($captcha_challenge) ?></code></legend> <p> <label for="id_captcha"><?= __("Answer") ?>:</label> <input type="text" size="30" maxlength="6" name="captcha" id="id_captcha" value="<?= htmlspecialchars($captcha, ENT_QUOTES) ?>" /> (<?= __("required") ?>) <input type="hidden" name="captcha_salt" value="<?= htmlspecialchars($captcha_salt) ?>" /> </p> - </fieldset> <?php endif; ?> + </fieldset> <fieldset> <p> |