From c1eed1d4066611440c5cf3ac686595ce00156f32 Mon Sep 17 00:00:00 2001 From: andryyy Date: Sat, 29 Dec 2018 15:11:32 +0100 Subject: [PATCH] [Web] Hide self-edit passwords of domain admins, fixes #2135 --- data/web/inc/functions.domain_admin.inc.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/data/web/inc/functions.domain_admin.inc.php b/data/web/inc/functions.domain_admin.inc.php index bf9900e8..064ba6c8 100644 --- a/data/web/inc/functions.domain_admin.inc.php +++ b/data/web/inc/functions.domain_admin.inc.php @@ -5,6 +5,9 @@ function domain_admin($_action, $_data = null) { $_data_log = $_data; !isset($_data_log['password']) ?: $_data_log['password'] = '*'; !isset($_data_log['password2']) ?: $_data_log['password2'] = '*'; + !isset($_data_log['user_old_pass']) ?: $_data_log['user_old_pass'] = '*'; + !isset($_data_log['user_new_pass']) ?: $_data_log['user_new_pass'] = '*'; + !isset($_data_log['user_new_pass2']) ?: $_data_log['user_new_pass2'] = '*'; switch ($_action) { case 'add': $username = strtolower(trim($_data['username']));