From: ivan <ivan>
Date: Fri, 30 Sep 2011 05:15:29 +0000 (+0000)
Subject: check old password if supplied, RT#13656
X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=commitdiff_plain;h=09f9108ef6909ed453539448bd2e318016acc52a

check old password if supplied, RT#13656
---

diff --git a/FS/FS/ClientAPI/MyAccount.pm b/FS/FS/ClientAPI/MyAccount.pm
index a5f47934b..16a631118 100644
--- a/FS/FS/ClientAPI/MyAccount.pm
+++ b/FS/FS/ClientAPI/MyAccount.pm
@@ -2148,6 +2148,11 @@ sub myaccount_passwd {
   } )
     or return { 'error' => "Service not found" };
 
+  if ( exists($p->{'old_password'}) ) {
+    return "Incorrect password."
+      unless $svc_acct->check_password($p->{'old_password'});
+  }
+
   $svc_acct->_password($p->{'new_password'});
   my $error = $svc_acct->replace();