return;
}
- if (($a->argc > 1) && ($a->argv[1] == 'connectors'))
- {
+ if (($a->argc > 1) && ($a->argv[1] == 'connectors')) {
check_form_security_token_redirectOnErr('/settings/connectors', 'settings_connectors');
if (x($_POST, 'general-submit')) {
if (!x($newpass) || !x($confirm)) {
notice(L10n::t('Empty passwords are not allowed. Password unchanged.') . EOL);
$err = true;
- }
+ }
+
+ if (!Config::get('system', 'disable_password_exposed', false) && User::isPasswordExposed($newpass)) {
+ notice(L10n::t('The new password has been exposed in a public data dump, please choose another.') . EOL);
+ $err = true;
+ }
- // check if the old password was supplied correctly before changing it to the new value
- if (!User::authenticate(intval(local_user()), $_POST['opassword'])) {
- notice(L10n::t('Wrong password.') . EOL);
- $err = true;
- }
+ // check if the old password was supplied correctly before changing it to the new value
+ if (!User::authenticate(intval(local_user()), $_POST['opassword'])) {
+ notice(L10n::t('Wrong password.') . EOL);
+ $err = true;
+ }
if (!$err) {
$result = User::updatePassword(local_user(), $newpass);
if (strlen(Config::get('system', 'directory'))) {
$profile_in_net_dir = replace_macros($opt_tpl, [
- '$field' => ['profile_in_netdirectory', L10n::t('Publish your default profile in the global social directory?'), $profile['net-publish'], L10n::t('Your profile will be publishedin this node\'s <a href="%s">local directory</a>. Your profile details may be publicly visible depending on the system settings.', System::baseUrl().'/directory'), [L10n::t('No'), L10n::t('Yes')]]
+ '$field' => ['profile_in_netdirectory', L10n::t('Publish your default profile in the global social directory?'), $profile['net-publish'], L10n::t('Your profile will be published in this node\'s <a href="%s">local directory</a>. Your profile details may be publicly visible depending on the system settings.', System::baseUrl().'/directory'), [L10n::t('No'), L10n::t('Yes')]]
]);
} else {
$profile_in_net_dir = '';