diff --git a/index.php b/index.php index f3130ba..6980a83 100644 --- a/index.php +++ b/index.php @@ -34,6 +34,7 @@ if ($VARS['progress'] == "1") { $alert = lang("password expired", false); $alerttype = "info"; $_SESSION['username'] = strtolower($VARS['username']); + $_SESSION['uid'] = $database->get('accounts', 'uid', ['username' => strtolower($VARS['username'])]); $change_password = true; break; case "NORMAL": @@ -109,6 +110,8 @@ if ($VARS['progress'] == "1") { $alerttype = MESSAGES["password_updated"]["type"]; } switch (count($error)) { + case 0: + break; case 1: $alert = lang(MESSAGES[$error[0]]["string"], false); $alerttype = MESSAGES[$error[0]]["type"]; diff --git a/lib/login.php b/lib/login.php index 4ffd107..e052878 100644 --- a/lib/login.php +++ b/lib/login.php @@ -87,19 +87,20 @@ function change_password($old, $new, $new2, &$error) { // Figure out how to change the password, then do it $acctloc = account_location($_SESSION['username']); if ($acctloc == "LOCAL") { - $database->update('accounts', ['password' => encryptPassword($VARS['newpass'])], ['uid' => $_SESSION['uid']]); - $_SESSION['password'] = $VARS['newpass']; + $database->update('accounts', ['password' => encryptPassword($new), 'acctstatus' => 1], ['uid' => $_SESSION['uid']]); + $_SESSION['password'] = $new; insertAuthLog(3, $_SESSION['uid']); return true; } else if ($acctloc == "LDAP") { try { $repository = $ldap->getRepository(LdapObjectType::USER); $user = $repository->findOneByUsername($_SESSION['username']); - $user->setPassword($VARS['newpass']); + $user->setPassword($new); $user->setpasswordMustChange(false); $ldap->persist($user); + $database->update('accounts', ['acctstatus' => 1], ['uid' => $_SESSION['uid']]); insertAuthLog(3, $_SESSION['uid']); - $_SESSION['password'] = $VARS['newpass']; + $_SESSION['password'] = $new; return true; } catch (\Exception $e) { // Stupid password complexity BS error