diff options
author | Thomas Steur <tsteur@users.noreply.github.com> | 2018-11-30 00:31:54 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-11-30 00:31:54 +0300 |
commit | 414230d05a03dc703ad5c6263d2499c46bdecde7 (patch) | |
tree | 544aa75eaaa7a070f0011320954cbae8ae4d76ca /plugins/Login | |
parent | 1d3388c1cd3dd03743576d670118a65e9cd879cb (diff) |
When changing password or email address, require to type old password (#13683)
Diffstat (limited to 'plugins/Login')
-rw-r--r-- | plugins/Login/PasswordResetter.php | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/plugins/Login/PasswordResetter.php b/plugins/Login/PasswordResetter.php index e3f6bcde57..c52bc8a6b4 100644 --- a/plugins/Login/PasswordResetter.php +++ b/plugins/Login/PasswordResetter.php @@ -19,6 +19,7 @@ use Piwik\Piwik; use Piwik\Plugins\UsersManager\Model; use Piwik\Plugins\UsersManager\UsersManager; use Piwik\Plugins\UsersManager\API as UsersManagerAPI; +use Piwik\Plugins\UsersManager\UserUpdater; use Piwik\SettingsPiwik; use Piwik\Url; @@ -228,8 +229,8 @@ class PasswordResetter // reset password of user $usersManager = $this->usersManagerApi; Access::doAsSuperUser(function () use ($usersManager, $user, $resetPassword) { - $usersManager->updateUser( - $user['login'], $resetPassword, $email = false, $alias = false, $isPasswordHashed = true); + $userUpdater = new UserUpdater(); + $userUpdater->updateUserWithoutCurrentPassword($user['login'], $resetPassword, $email = false, $alias = false, $isPasswordHashed = true); }); } |