diff options
Diffstat (limited to 'classes/pref')
-rw-r--r-- | classes/pref/prefs.php | 7 | ||||
-rw-r--r-- | classes/pref/users.php | 5 |
2 files changed, 6 insertions, 6 deletions
diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index eae67fbac..854b70549 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -352,10 +352,6 @@ class Pref_Prefs extends Handler_Protected { } </script> - <?php if ($otp_enabled) { - print_notice(__("Changing your current password will disable OTP.")); - } ?> - <fieldset> <label><?= __("Old password:") ?></label> <input dojoType='dijit.form.ValidationTextBox' type='password' required='1' name='old_password'> @@ -458,7 +454,6 @@ class Pref_Prefs extends Handler_Protected { } else { - print_warning("You will need a compatible Authenticator to use this. Changing your password would automatically disable OTP."); print_notice("You will need to generate app passwords for the API clients if you enable OTP."); if (function_exists("imagecreatefromstring")) { @@ -479,7 +474,7 @@ class Pref_Prefs extends Handler_Protected { <fieldset> <label><?= __("OTP Key:") ?></label> - <input dojoType='dijit.form.ValidationTextBox' disabled='disabled' value="<?= $otp_secret ?>" size='32'> + <input dojoType='dijit.form.ValidationTextBox' disabled='disabled' value="<?= $otp_secret ?>" style='width : 215px'> </fieldset> <!-- TODO: return JSON from the backend call --> diff --git a/classes/pref/users.php b/classes/pref/users.php index cac0dca7c..068166863 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -119,6 +119,11 @@ class Pref_Users extends Handler_Administrative { $user->email = clean($_REQUEST["email"]); $user->otp_enabled = checkbox_to_sql_bool($_REQUEST["otp_enabled"]); + // force new OTP secret when next enabled + if (Config::get_schema_version() >= 143 && !$user->otp_enabled) { + $user->otp_secret = null; + } + $user->save(); } |