From 8ae30891b3cd5781741ce797b0ff99d68eab7c8d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Schie=C3=9Fle?= <schiessle@owncloud.com>
Date: Thu, 16 May 2013 15:19:53 +0200
Subject: [PATCH] some error handling in case the recovery password is wrong

---
 settings/ajax/changepassword.php | 7 +++++--
 settings/js/users.js             | 4 ++++
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php
index fe63f27a6e..adb730e12c 100644
--- a/settings/ajax/changepassword.php
+++ b/settings/ajax/changepassword.php
@@ -28,10 +28,13 @@ if(is_null($userstatus)) {
 	exit();
 }
 
-// Return Success story
-if(!is_null($password) && OC_User::setPassword( $username, $password, $recoveryPassword )) {
+$util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), \OCP\User::getUser());
+if ( $recoveryPassword && ! $util->checkRecoveryPassword($recoveryPassword) ) {
+	OC_JSON::error(array("data" => array( "message" => "Wrong recovery admin password. Please check the password and try again." )));
+}elseif(!is_null($password) && OC_User::setPassword( $username, $password, $recoveryPassword )) {
 	OC_JSON::success(array("data" => array( "username" => $username )));
 }
 else{
 	OC_JSON::error(array("data" => array( "message" => "Unable to change password" )));
 }
+error_log("bliub");
diff --git a/settings/js/users.js b/settings/js/users.js
index 9bd7f31f0b..423068e51f 100644
--- a/settings/js/users.js
+++ b/settings/js/users.js
@@ -357,6 +357,10 @@ $(document).ready(function () {
 						OC.filePath('settings', 'ajax', 'changepassword.php'),
 						{username: uid, password: $(this).val(), recoveryPassword: recoveryPasswordVal},
 						function (result) {
+							if (result.status != 'success') {
+								OC.dialogs.alert(result.data.message,
+									t('settings', 'Error changing password'));
+							}
 						}
 					);
 					input.blur();
-- 
GitLab