mirror/snipe-it
3
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2026-02-06 15:15:25 +00:00
Code Issues Projects Releases Wiki Activity

Added validation to disallow password to be the same as username, email, etc

Browse Source
This commit is contained in:
snipe
2020-11-02 20:03:26 -08:00
parent 33bda9b6d1
commit a55694da2f
4 changed files with 54 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
app/Http/Controllers/ProfileController.php
View File

@ -156,6 +156,16 @@ class ProfileController extends Controller
if (!Hash::check($request->input('current_password'), $user->password)) {
$validator->errors()->add('current_password', trans('validation.hashed_pass'));
}
if (($request->input('password') == $user->username) ||
($request->input('password') == $user->email) ||
($request->input('password') == $user->first_name) ||
($request->input('password') == $user->last_name))
{
$validator->errors()->add('password', trans('validation.disallow_same_pwd_as_user_fields'));
}
});