diff --git a/lang/en_GB.php b/lang/en_GB.php index 7155a77f7..0eba30e7b 100644 --- a/lang/en_GB.php +++ b/lang/en_GB.php @@ -337,7 +337,7 @@ $lang['en_GB']['Member']['EMAILSIGNUPINTRO2'] = 'You can login to the website us $lang['en_GB']['Member']['EMAILSIGNUPSUBJECT'] = 'Thanks for signing up'; $lang['en_GB']['Member']['ENTEREMAIL'] = 'Please enter an email address to get a password reset link.'; $lang['en_GB']['Member']['ERRORLOCKEDOUT'] = 'Your account has been temporarily disabled because of too many failed attempts at logging in. Please try again in 20 minutes.'; -$lang['en_GB']['Member']['ERRORNEWPASSWORD'] = 'Your have entered your new password differently, try again'; +$lang['en_GB']['Member']['ERRORNEWPASSWORD'] = 'You have entered your new password differently, try again'; $lang['en_GB']['Member']['ERRORPASSWORDNOTMATCH'] = 'Your current password does not match, please try again'; $lang['en_GB']['Member']['ERRORWRONGCRED'] = 'That doesn\'t seem to be the right e-mail address or password. Please try again.'; $lang['en_GB']['Member']['FIRSTNAME'] = 'First Name'; diff --git a/lang/en_US.php b/lang/en_US.php index ecbb7cc05..32a6e061e 100644 --- a/lang/en_US.php +++ b/lang/en_US.php @@ -413,7 +413,7 @@ $lang['en_US']['Member']['EMAILSIGNUPINTRO2'] = 'You can login to the website us $lang['en_US']['Member']['EMAILSIGNUPSUBJECT'] = 'Thanks for signing up'; $lang['en_US']['Member']['ENTEREMAIL'] = 'Please enter an email address to get a password reset link.'; $lang['en_US']['Member']['ERRORLOCKEDOUT'] = 'Your account has been temporarily disabled because of too many failed attempts at logging in. Please try again in 20 minutes.'; -$lang['en_US']['Member']['ERRORNEWPASSWORD'] = 'Your have entered your new password differently, try again'; +$lang['en_US']['Member']['ERRORNEWPASSWORD'] = 'You have entered your new password differently, try again'; $lang['en_US']['Member']['ERRORPASSWORDNOTMATCH'] = 'Your current password does not match, please try again'; $lang['en_US']['Member']['ERRORWRONGCRED'] = 'That doesn\'t seem to be the right e-mail address or password. Please try again.'; $lang['en_US']['Member']['FIRSTNAME'] = 'First Name'; diff --git a/security/ChangePasswordForm.php b/security/ChangePasswordForm.php index 7c32d7e4e..eaecdfdae 100755 --- a/security/ChangePasswordForm.php +++ b/security/ChangePasswordForm.php @@ -47,7 +47,7 @@ class ChangePasswordForm extends Form { function doChangePassword(array $data) { if($member = Member::currentUser()) { // The user was logged in, check the current password - if(isset($data['OldPassword']) && $member->checkPassword($data['OldPassword']) == false) { + if(empty($data['OldPassword']) || !$member->checkPassword($data['OldPassword'])->valid()) { $this->clearMessage(); $this->sessionMessage( _t('Member.ERRORPASSWORDNOTMATCH', "Your current password does not match, please try again"), @@ -72,7 +72,15 @@ class ChangePasswordForm extends Form { } // Check the new password - if($data['NewPassword1'] == $data['NewPassword2']) { + if(empty($data['NewPassword1'])) { + $this->clearMessage(); + $this->sessionMessage( + _t('Member.EMPTYNEWPASSWORD', "The new password can't be empty, please try again"), + "bad"); + Director::redirectBack(); + return; + } + else if($data['NewPassword1'] == $data['NewPassword2']) { $isValid = $member->changePassword($data['NewPassword1']); if($isValid->valid()) { $this->clearMessage(); @@ -85,14 +93,16 @@ class ChangePasswordForm extends Form { } else { $this->clearMessage(); - $this->sessionMessage(nl2br("We couldn't accept that password:\n" . $isValid->starredList()), "bad"); + $this->sessionMessage( + _t('Member.INVALIDNEWPASSWORD', "We couldn't accept that password: %s", nl2br("\n".$isValid->starredList())), + "bad"); Director::redirectBack(); } } else { $this->clearMessage(); $this->sessionMessage( - _t('Member.ERRORNEWPASSWORD', "Your have entered your new password differently, try again"), + _t('Member.ERRORNEWPASSWORD', "You have entered your new password differently, try again"), "bad"); Director::redirectBack(); }