- fix unwanted password change

2017-03-04 08:53:27 +01:00
parent 0a50656350
commit fca49a0176
1 changed files with 12 additions and 11 deletions
--- a/app/views.py
+++ b/app/views.py
@@ -364,20 +364,21 @@ def selfmanagement():
        if not bcrypt.checkpw(request.form['password_old'], u.password):
            success = "Passwort falsch!"
        else:
-            if ('password1' in request.form) & ('password2' in request.form):
-                if request.form['password1'] == request.form['password2']:
-                    u.password = bcrypt.hashpw(request.form['password1'], bcrypt.gensalt())
+            if len(request.form['password1']) > 0:
+                if ('password1' in request.form) & ('password2' in request.form):
+                    if (request.form['password1'] == request.form['password2']):
+                        u.password = bcrypt.hashpw(request.form['password1'], bcrypt.gensalt())

-                    u.rfid_id = request.form['rfid_id']
+                        u.rfid_id = request.form['rfid_id']

-                    if 'onlyrfid' in request.form:
-                        u.onlyrfid = True
+                        if 'onlyrfid' in request.form:
+                            u.onlyrfid = True
+                        else:
+                            u.onlyrfid = False
+                        update_user(u)
+                        success = u'Einstellungen wurden übernommen!'
                    else:
-                        u.onlyrfid = False
-                    update_user(u)
-                    success = u'Einstellungen wurden übernommen!'
-                else:
-                    success = u'Neue Passwörter stimmen nicht überein!'
+                        success = u'Neue Passwörter stimmen nicht überein!'
            else:
                u.rfid_id = request.form['rfid_id']