From df466c7aec2704406e008f31924afa8b80c259ab Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Fri, 15 Feb 2008 16:43:16 +0100
Subject: [PATCH] Use auth backend to verify password on profile update FS#1328

darcs-hash:20080215154316-7ad00-d052e2eed8e47e62ff639cd66d7debb4bfd293fc.gz
---
 inc/auth.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/inc/auth.php b/inc/auth.php
index 5c60f8a35..10f33bcf3 100644
--- a/inc/auth.php
+++ b/inc/auth.php
@@ -652,7 +652,7 @@ function updateprofile() {
   }
 
   if ($conf['profileconfirm']) {
-      if (!auth_verifyPassword($_POST['oldpass'],$INFO['userinfo']['pass'])) {
+    if (!$auth->checkPass($_SERVER['REMOTE_USER'], $_POST['oldpass'])) {
       msg($lang['badlogin'],-1);
       return false;
     }
-- 
GitLab