Move check for force change support before actually updating the user

diff --git a/acl/save_user.cgi b/acl/save_user.cgi
index 502f435..7b06e14 100755 (executable)
--- a/acl/save_user.cgi
+++ b/acl/save_user.cgi
@@ -63,6 +63,14 @@ if ($in{'pass_def'} == 0) {
                }
        }
 
+# Validate force change
+if ($in{'temp'}) {
+       &get_miniserv_config(\%miniserv);
+       $miniserv{'passwd_mode'} == 2 ||
+               &error(&text('save_etemp', '../webmin/edit_session.cgi'));
+       }
+
+
 # Find logged-in webmin user
 foreach $u (@ulist) {
        if ($u->{'name'} eq $base_remote_user) {
@@ -315,11 +323,6 @@ elsif ($in{'lock'} && $user{'pass'} !~ /^\!/ && $in{'pass_def'} <= 1) {
 
 # Check for force change
 $user{'temppass'} = $in{'temp'};
-if ($in{'temp'}) {
-       &get_miniserv_config(\%miniserv);
-       $miniserv{'passwd_mode'} == 2 ||
-               &error(&text('save_etemp', '../webmin/edit_session.cgi'));
-       }
 
 if ($in{'old'}) {
        # update user and all ACLs