From 1645c8f81954c6a5ada8a178b6acd6d50da318f0 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 24 Nov 2014 15:44:43 +0100 Subject: [PATCH] use login name to verify password --- apps/files_encryption/ajax/updatePrivateKeyPassword.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/apps/files_encryption/ajax/updatePrivateKeyPassword.php b/apps/files_encryption/ajax/updatePrivateKeyPassword.php index 0f182e9383..fa5e279b21 100644 --- a/apps/files_encryption/ajax/updatePrivateKeyPassword.php +++ b/apps/files_encryption/ajax/updatePrivateKeyPassword.php @@ -26,9 +26,10 @@ $newPassword = $_POST['newPassword']; $view = new \OC\Files\View('/'); $session = new \OCA\Encryption\Session($view); $user = \OCP\User::getUser(); +$loginName = \OC::$server->getUserSession()->getLoginName(); // check new password -$passwordCorrect = \OCP\User::checkPassword($user, $newPassword); +$passwordCorrect = \OCP\User::checkPassword($loginName, $newPassword); if ($passwordCorrect !== false) {