X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=plugins%2Fchange_password%2Ffunctions.php;h=5272d6f7bf35786bbe2fb40fb8447dae11168f38;hp=123ed5d7b2a6e54b6df71ab737de1f7f02ee5b3f;hb=28e62e6d76cf414fbdaa1dd02eae4344d11ab2d6;hpb=882acf90e4d2345143c3c2f7b1b9e18cdba61260

diff --git a/plugins/change_password/functions.php b/plugins/change_password/functions.php
index 123ed5d..5272d6f 100644
--- a/plugins/change_password/functions.php
+++ b/plugins/change_password/functions.php
@@ -33,11 +33,6 @@ function cpw_check_input()
 
     $msg = array();
 
-    if(!$currentpw) {
-        $msg[] = _("You must type in your current password.");
-    } elseif($currentpw != OneTimePadDecrypt($key, $onetimepad)) {
-        $msg[] = _("Your current password is not correct.");
-    }
     if(!$newpw) {
         $msg[] = _("You must type in a new password.");
     }
@@ -46,6 +41,15 @@ function cpw_check_input()
     } elseif ($verifypw != $newpw) {
         $msg[] = _("Your new password does not match the verify password.");
     }
+
+    $orig_pw = OneTimePadDecrypt($key, $onetimepad);
+
+    if(!$currentpw) {
+        $msg[] = _("You must type in your current password.");
+    } elseif ($currentpw != $orig_pw) {
+        $msg[] = _("Your current password is not correct.");
+    }
+
     if($newpw && (strlen($newpw) < $cpw_pass_min_length ||
                   strlen($newpw) > $cpw_pass_max_length ) ) {
         $msg[] = sprintf(_("Your new password should be %s to %s characters long."),
@@ -85,9 +89,9 @@ function cpw_do_change()
     $msgs = do_hook_function('change_password_dochange',
         array (
             'username' => $username,
-	    'curpw' => $curpw,
-	    'newpw' => $newpw
-	) );
+            'curpw' => $curpw,
+            'newpw' => $newpw
+        ) );
 
     /* something bad happened, return */
     if(count($msgs) > 0) {