From 6607747b3790fd003d587c949157158bff0b7b50 Mon Sep 17 00:00:00 2001 From: James Date: Mon, 22 Oct 2012 13:48:14 +0100 Subject: Require that user type in two passwords and check they match when registering. --- data/templates/default/register.tpl.php | 5 +++++ www/register.php | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/data/templates/default/register.tpl.php b/data/templates/default/register.tpl.php index 62cebad..6cfddd7 100644 --- a/data/templates/default/register.tpl.php +++ b/data/templates/default/register.tpl.php @@ -22,6 +22,11 @@ window.onload = function() { + + + + + diff --git a/www/register.php b/www/register.php index d78ede3..a607c17 100644 --- a/www/register.php +++ b/www/register.php @@ -34,6 +34,7 @@ if (!$GLOBALS['enableRegistration']) { isset($_POST['submitted']) ? define('POST_SUBMITTED', $_POST['submitted']): define('POST_SUBMITTED', ''); isset($_POST['username']) ? define('POST_USERNAME', $_POST['username']): define('POST_USERNAME', ''); isset($_POST['password']) ? define('POST_PASS', $_POST['password']): define('POST_PASS', ''); +isset($_POST['password2']) ? define('POST_PASS2', $_POST['password2']): define('POST_PASS2', ''); if (isset($_POST['email'])) { define('POST_MAIL', $_POST['email']); } else if (isset($_SERVER['SSL_CLIENT_S_DN_Email'])) { @@ -51,6 +52,10 @@ if (POST_SUBMITTED != '') { if (!($posteduser) || POST_PASS == '' || POST_MAIL == '') { $tplVars['error'] = T_('You must enter a username, password and e-mail address.'); + // Check if passwords match + } elseif (POST_PASS != POST_PASS2) { + $tplVars['error'] = T_('Those passwords do not match.'); + // Check if username is reserved } elseif ($userservice->isReserved($posteduser)) { $tplVars['error'] = T_('This username has been reserved, please make another choice.'); -- cgit v1.2.3