X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=httemplate%2Fpref%2Fpref-process.html;h=665bb81c272d8458578feeef980e21d7aafb3e31;hb=101264df51f2ae06f9cabf4b394bbee3bc7fedf9;hp=7848b72cb3a9bad323365ec2e790ba3543a5b578;hpb=d7006fb84965da14819c4ad3581fcb5e907a14d3;p=freeside.git

diff --git a/httemplate/pref/pref-process.html b/httemplate/pref/pref-process.html
index 7848b72cb..665bb81c2 100644
--- a/httemplate/pref/pref-process.html
+++ b/httemplate/pref/pref-process.html
@@ -7,6 +7,8 @@
 % }
 <%init>
 
+my $access_user = $FS::CurrentUser::CurrentUser;
+
 if ( FS::Conf->new->exists('disable_acl_changes') ) {
   errorpage("Preference changes disabled in public demo");
   die "shouldn't be reached";
@@ -19,29 +21,27 @@ if ( FS::Auth->auth_class->can('change_password')
             qw(_password new_password new_password2)
    ) {
 
-  if ( $cgi->param('new_password') ne $cgi->param('new_password2') ) {
+  my $oldpass = $cgi->param('_password');
+  my $newpass = $cgi->param('new_password');
+
+  if ( $newpass ne $cgi->param('new_password2') ) {
     $error = "New passwords don't match";
 
-  } elsif ( ! length($cgi->param('new_password')) ) {
+  } elsif ( ! length($newpass) ) {
     $error = 'No new password entered';
 
-  } elsif ( ! FS::Auth->authenticate( $FS::CurrentUser::CurrentUser,
-                                      scalar($cgi->param('_password')) )
-          ) {
+  } elsif ( ! FS::Auth->authenticate( $access_user, $oldpass ) ) {
     $error = 'Current password incorrect; password not changed';
 
   } else {
 
-    $error = $FS::CurrentUser::CurrentUser->change_password(
-      scalar($cgi->param('new_password'))
-    );
+    $error = $access_user->is_password_allowed($newpass)
+          || $access_user->change_password($newpass);
 
   }
 
 }
 
-my $access_user = $FS::CurrentUser::CurrentUser;
-
 #well, if you got your password change wrong, you don't get anything else
 #changed right now.  but it should be sticky on the form
 unless ( $error ) { # if ($access_user) {
@@ -54,7 +54,8 @@ unless ( $error ) { # if ($access_user) {
                       spreadsheet_format mobile_menu
                       enable_fuzzy_on_exact
                       disable_html_editor disable_enter_submit_onetimecharge
-                      enable_mask_clipboard_hack
+                      enable_mask_clipboard_hack dashboard_customers
+                      customer_view_emails
                       email_address
                       snom-ip snom-username snom-password
                       vonage-fromnumber vonage-username vonage-password