• Leigh B Stoller's avatar
    Deal with issues described by Jon in issues #203. · 557f3504
    Leigh B Stoller authored
    The main point of the changes are to require that the old password is
    provided when changing your password. This holds true even for admins
    changing their own password in red-dot. Note though, that when an admin
    changes another user's password in red-dot, old password is not
    required, which is somewhat in conflict with the overall goal, but hey,
    we want to be practical too.
    I ended up removing password modification from the profile page, and
    use the already existing changepswd page, which I cleaned up and turned
    into a first class ajax citizen to make the page operate smoother.
quickvm_sup.php 31.6 KB