#637: Force users to change their password if weak
authorMichael Tänzer <neo@nhng.de>
Tue, 19 Apr 2011 21:39:14 +0000 (23:39 +0200)
committerMichael Tänzer <neo@nhng.de>
Tue, 19 Apr 2011 21:39:14 +0000 (23:39 +0200)
#637: "Password suggestion always the same"

Signed-off-by: Michael Tänzer <neo@nhng.de>
pages/account/14.php
www/index.php

index 342ab46..29aeb21 100644 (file)
     along with this program; if not, write to the Free Software
     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 */ ?>
+<?
+       if (intval($_REQUEST['force']) === 1)
+{
+?>
+
+<p style="border:dotted 1px #900;padding:0.3em;bold;color:#ffffff;background-color:#ff0000;"><strong><center>
+<?=_("For your own security you should change your pass phrase immediately!"); ?></center></strong>
+</p>
+<?}?>
+
 <form method="post" action="account.php">
 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
   <tr>
index fb215c6..2634a47 100644 (file)
                                $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
                                $_SESSION['_config']['oldlocation'] = "account.php?id=13";
                        }
+                       if ($pword === "Fr3d Sm|7h")
+                               $_SESSION['_config']['oldlocation'] = "account.php?id=14&force=1";
                        if($_SESSION['_config']['oldlocation'] != "")
                                header("location: https://".$_SERVER['HTTP_HOST']."/".$_SESSION['_config']['oldlocation']);
                        else