Fail if password change prompt is checked but won't work

author Jamie Cameron <jcameron@webmin.com>

Tue, 25 Aug 2009 04:13:39 +0000 (21:13 -0700)

committer Jamie Cameron <jcameron@webmin.com>

Tue, 25 Aug 2009 04:13:39 +0000 (21:13 -0700)
author Jamie Cameron <jcameron@webmin.com>
Tue, 25 Aug 2009 04:13:39 +0000 (21:13 -0700)
committer Jamie Cameron <jcameron@webmin.com>
Tue, 25 Aug 2009 04:13:39 +0000 (21:13 -0700)
diff --git a/acl/lang/en b/acl/lang/en

index bb9ffb9..a1eeb25 100644 (file)
--- a/acl/lang/en
+++ b/acl/lang/en
@@ -125,6 +125,7 @@ save_eminsize=Missing or non-numeric minimum password length
  save_edays=No days to allow selected
  save_ehours=Missing or invalid times to allow
  save_ehours2=Start time to allow must be before end
+save_etemp=The option to force a password change at next login cannot be used unless <a href='$1'>prompting users to enter new passwords</a> is enabled
  
  delete_err=Failed to delete user
  delete_eself=You cannot delete yourself
diff --git a/acl/save_user.cgi b/acl/save_user.cgi

index d729ca3..7da0bfd 100755 (executable)
--- a/acl/save_user.cgi
+++ b/acl/save_user.cgi
@@ -314,6 +314,11 @@ elsif ($in{'lock'} && $user{'pass'} !~ /^\!/ && $in{'pass_def'} <= 1) {
  
  # Check for force change
  $user{'temppass'} = $in{'temp'};
+if ($in{'temp'}) {
+       &get_miniserv_config(\%miniserv);
+       $miniserv{'passwd_mode'} == 2 ||
+               &error(&text('save_etemp', '../webmin/edit_session.cgi'));
+       }
  
  if ($in{'old'}) {
         # update user and all ACLs
author	Jamie Cameron <jcameron@webmin.com>
	Tue, 25 Aug 2009 04:13:39 +0000 (21:13 -0700)
committer	Jamie Cameron <jcameron@webmin.com>
	Tue, 25 Aug 2009 04:13:39 +0000 (21:13 -0700)
acl/lang/en		patch \| blob \| history
acl/save_user.cgi		patch \| blob \| history