Merge branch 'master' into develop

[friendica.git] / mod / settings.php

diff --git a/mod/settings.php b/mod/settings.php
index b66cad7f9839d7c48eeb7dff27825456b617ccfd..8def780a592a6f85cba0acb803ba011aec26626c 100644 (file)
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -208,8 +208,7 @@ function settings_post(App $a)
                return;
        }
 
-       if (($a->argc > 1) && ($a->argv[1] == 'connectors'))
-       {
+       if (($a->argc > 1) && ($a->argv[1] == 'connectors')) {
                check_form_security_token_redirectOnErr('/settings/connectors', 'settings_connectors');
 
                if (x($_POST, 'general-submit')) {
@@ -388,13 +387,18 @@ function settings_post(App $a)
                if (!x($newpass) || !x($confirm)) {
                        notice(L10n::t('Empty passwords are not allowed. Password unchanged.') . EOL);
                        $err = true;
-        }
+               }
+
+               if (!Config::get('system', 'disable_password_exposed', false) && User::isPasswordExposed($newpass)) {
+                       notice(L10n::t('The new password has been exposed in a public data dump, please choose another.') . EOL);
+                       $err = true;
+               }
 
-        //  check if the old password was supplied correctly before changing it to the new value
-        if (!User::authenticate(intval(local_user()), $_POST['opassword'])) {
-            notice(L10n::t('Wrong password.') . EOL);
-            $err = true;
-        }
+               //  check if the old password was supplied correctly before changing it to the new value
+               if (!User::authenticate(intval(local_user()), $_POST['opassword'])) {
+                       notice(L10n::t('Wrong password.') . EOL);
+                       $err = true;
+               }
 
                if (!$err) {
                        $result = User::updatePassword(local_user(), $newpass);
@@ -1111,7 +1115,7 @@ function settings_content(App $a)
 
        if (strlen(Config::get('system', 'directory'))) {
                $profile_in_net_dir = replace_macros($opt_tpl, [
-                       '$field' => ['profile_in_netdirectory', L10n::t('Publish your default profile in the global social directory?'), $profile['net-publish'], L10n::t('Your profile will be publishedin this node\'s <a href="%s">local directory</a>. Your profile details may be publicly visible depending on the system settings.', System::baseUrl().'/directory'), [L10n::t('No'), L10n::t('Yes')]]
+                       '$field' => ['profile_in_netdirectory', L10n::t('Publish your default profile in the global social directory?'), $profile['net-publish'], L10n::t('Your profile will be published in this node\'s <a href="%s">local directory</a>. Your profile details may be publicly visible depending on the system settings.', System::baseUrl().'/directory'), [L10n::t('No'), L10n::t('Yes')]]
                ]);
        } else {
                $profile_in_net_dir = '';