From: Paul Hänsch <paul@plutz.net>
Date: Fri, 16 Feb 2024 17:39:18 +0000 (+0100)
Subject: bugfix: faulty validation in user_update made pw change impossible
X-Git-Url: https://git.plutz.net/?a=commitdiff_plain;h=04871f749f90aeaa8bfca07edf5a6cd5d3fac2bf;p=cgilite

bugfix: faulty validation in user_update made pw change impossible
---

diff --git a/users.sh b/users.sh
index f616ca0..4d7965a 100755
--- a/users.sh
+++ b/users.sh
@@ -429,7 +429,7 @@ user_update(){
 
         uid="$(POST uid)"
       oldpw="$(POST oldpw)"
-         pw="$(POST pw |grep -xE '.{6}')"
+         pw="$(POST pw |grep -m1 -xE '.{6,}')"
   pwconfirm="$(POST pwconfirm)"
 
 
@@ -442,7 +442,7 @@ user_update(){
       update_user "${uid}" password="$pw"
       REDIRECT "${_BASE}${PATH_INFO}#UPDATE_SUCCESS"
     else
-      REDIRECT "${_BASE}${PATH_INFO}#ERROR_PWMISMATCH"
+      REDIRECT "${_BASE}${PATH_INFO}#ERROR_PW_MISMATCH"
     fi
   elif [ "$UID_" = "$USER_ID" ]; then
     REDIRECT "${_BASE}${PATH_INFO}#ERROR_INVALID_AUTH_PASSWORD"