summaryrefslogtreecommitdiff
path: root/save.php
diff options
context:
space:
mode:
authorfisharebest <fisharebest@gmail.com>2011-02-19 22:24:44 +0000
committerfisharebest <fisharebest@gmail.com>2011-02-19 22:24:44 +0000
commit60bdcaed055bf89a9546fd09b7034766daac6298 (patch)
treeae7a43eb095a602172fcf7d06f65e15f8985148d /save.php
parent8b6ac4550eecbb89b10a81b907deaeb45bda4372 (diff)
downloadwebtrees-60bdcaed055bf89a9546fd09b7034766daac6298.tar.gz
webtrees-60bdcaed055bf89a9546fd09b7034766daac6298.tar.bz2
webtrees-60bdcaed055bf89a9546fd09b7034766daac6298.zip
Editing passwords: Use "click to edit" instead of "*****". Otherwise it is easy to set your password to literally "*****"
Diffstat (limited to 'save.php')
-rw-r--r--save.php19
1 files changed, 11 insertions, 8 deletions
diff --git a/save.php b/save.php
index 608826305b..1a161827f2 100644
--- a/save.php
+++ b/save.php
@@ -101,11 +101,12 @@ case 'site_setting':
case 'SMTP_SSL':
break;
case 'SMTP_AUTH_PASS':
- // The password will be displayed as ***** on screen.
- // Accept the update, but pretend to fail. This will leave the ***** on screen
- set_site_setting($id1, $value);
+ // The password will be displayed as "click to edit" on screen.
+ // Accept the update, but pretend to fail. This will leave the "click to edit" on screen
+ if ($value) {
+ set_site_setting($id1, $value);
+ }
fail();
- break;
default:
// An unrecognised setting
fail();
@@ -129,10 +130,12 @@ case 'user':
// Validation
switch ($id1) {
case 'password':
- // The password will be displayed as ***** on screen.
- // Accept the update, but pretend to fail. This will leave the ***** on screen
- set_user_password($id2, crypt($value));
- AddToLog('User ID: '.$user_id. ' changed password', 'auth');
+ // The password will be displayed as "click to edit" on screen.
+ // Accept the update, but pretend to fail. This will leave the "click to edit" on screen
+ if ($value) {
+ set_user_password($id2, crypt($value));
+ AddToLog('User ID: '.$user_id. ' changed password', 'auth');
+ }
fail();
case 'user_name':
case 'real_name':