closes #2973

also fixes some UX issues and enforces password length check on both client and server
10 years ago · 799cc9397a
parent cc6f37ac4e
commit 799cc9397a
2 changed files with 32 additions and 9 deletions
--- a/public/src/client/account/edit.js
+++ b/public/src/client/account/edit.js
@ -240,25 +240,30 @@ define('forum/account/edit', ['forum/account/header', 'uploader', 'translator'],
 		var successIcon = '<i class="fa fa-check"></i>';
 		function onPasswordChanged() {
 			passwordvalid = utils.isPasswordValid(password.val());
 			if (password.val().length < config.minimumPasswordLength) {
 				showError(password_notify, '[[user:change_password_error_length]]');
-			} else if (!passwordvalid) {
+				passwordvalid = false;
 			} else if (!utils.isPasswordValid(password.val())) {
 				showError(password_notify, '[[user:change_password_error]]');
 				passwordvalid = false;
 			} else {
 				showSuccess(password_notify, successIcon);
 				passwordvalid = true;
 			}
 		}
 		function onPasswordConfirmChanged() {
-			if(password.val()) {
+			if (password.val() !== password_confirm.val()) {
-				if (password.val() !== password_confirm.val()) {
+				showError(password_confirm_notify, '[[user:change_password_error_match]]');
-					showError(password_confirm_notify, '[[user:change_password_error_match]]');
+				passwordsmatch = false;
-					passwordsmatch = false;
+			} else {
-				} else {
+				if (password.val()) {
 					showSuccess(password_confirm_notify, successIcon);
-					passwordsmatch = true;
+				} else {
 					removeAlert(password_confirm_notify);
 				}
 				passwordsmatch = true;
 			}
 		}
@ -266,6 +271,9 @@ define('forum/account/edit', ['forum/account/header', 'uploader', 'translator'],
 		password_confirm.on('blur', onPasswordConfirmChanged);
 		$('#changePasswordBtn').on('click', function() {
 			onPasswordChanged();
 			onPasswordConfirmChanged();
 			var btn = $(this);
 			if ((passwordvalid && passwordsmatch) || app.user.isAdmin) {
 				btn.addClass('disabled').find('i').removeClass('hide');
@ -282,11 +290,21 @@ define('forum/account/edit', ['forum/account/header', 'uploader', 'translator'],
 					passwordvalid = false;
 					if (err) {
 						onPasswordChanged();
 						onPasswordConfirmChanged();
 						return app.alertError(err.message);
 					}
 					app.alertSuccess('[[user:change_password_success]]');
 				});
 			} else {
 				if (!passwordsmatch) {
 					app.alertError('[[user:change_password_error_match]]');
 				} 
 				if (!passwordvalid) {
 					app.alertError('[[user:change_password_error]]');
 				}
 			}
 			return false;
 		});
@ -349,5 +367,10 @@ define('forum/account/edit', ['forum/account/header', 'uploader', 'translator'],
 		});
 	}
 	function removeAlert(element) {
 		element.html('');
 		element.parent().removeClass('alert-success alert-danger');
 	}
 	return AccountEdit;
 });
--- a/src/socket.io/user.js
+++ b/src/socket.io/user.js
@ -138,7 +138,7 @@ SocketUser.checkStatus = function(socket, uid, callback) {
 };
 SocketUser.changePassword = function(socket, data, callback) {
-	if (!data || !data.uid) {
+	if (!data || !data.uid || data.newPassword.length < meta.config.minimumPasswordLength) {
 		return callback(new Error('[[error:invalid-data]]'));
 	}
 	if (!socket.uid) {