Home Explore Help
Sign In
yosoyhendrix
/
hestiacp
mirror of https://github.com/hestiacp/hestiacp
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Fix 2660 (#2661)

* Fix 2660

* Make field read only for not admin users
Jaap Marcus 3 years ago
parent
d671204f03
commit
2439db3cfd
2 changed files with 2 additions and 2 deletions
Split View Show Diff Stats
  1. 1 1
      web/login/index.php
  2. 1 1
      web/templates/pages/edit_mail.html

+ 1 - 1
web/login/index.php
View File 

@@ -132,7 +132,7 @@ function authenticate_user($user, $password, $twofa = '')
 
             if ($method == 'yescrypt') {
 
                 $v_password = tempnam("/tmp", "vst");
 
                 $fp = fopen($v_password, "w");
 
-                fwrite($fp, $_POST['password']."\n");
 
+                fwrite($fp, $password."\n");
 
                 fclose($fp);
 
                 exec(HESTIA_CMD . 'v-check-user-password '. $v_user.' '. $v_password. ' '.$v_ip.' yes', $output, $return_var);
 
                 $hash = $output[0];

+ 1 - 1
web/templates/pages/edit_mail.html
View File 

@@ -91,7 +91,7 @@
 
 						</tr>
 
 						<tr>
 
 							<td>
 
-								<input type="text" size="20" class="vst-input" name="v_rate" value="<?=htmlentities(trim($v_rate, "'"))?>">
 
+								<input type="text" size="20" class="vst-input" name="v_rate" value="<?=htmlentities(trim($v_rate, "'"))?>" <?php if($_SESSION['userContext'] != "admin"){ echo "disabled";}?>>>
 
 							</td>
 
 						</tr>
 
 						<?php if (!empty($_SESSION['ANTISPAM_SYSTEM'])) {?>