janis/jakach-login
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixing a bug where password update failed because of htmlspecialchars

Browse Source
This commit is contained in:
Janis Steiner
2024-12-31 11:29:30 +01:00
parent 3dfbd1f8d5
commit 47d009e96f
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app-code/api/account/update_pw.php
View File

@@ -40,8 +40,8 @@ if (isset($data->old_password) && isset($data->new_password)) {
$user_id = $_SESSION['id']; // Assuming user_id is stored in session $user_id = $_SESSION['id']; // Assuming user_id is stored in session
// Sanitize inputs // Sanitize inputs
$old_password = htmlspecialchars($data->old_password); $old_password = $data->old_password;
$new_password = htmlspecialchars($data->new_password); $new_password = $data->new_password;
// Check password strength (optional but recommended) // Check password strength (optional but recommended)
if (strlen($new_password) < 12) { if (strlen($new_password) < 12) {