Encode password with new users' login

[misc/kostenrechnung] / ajax / ajax.php

diff --git a/ajax/ajax.php b/ajax/ajax.php
index 6597a76..213160a 100644 (file)
--- a/ajax/ajax.php
+++ b/ajax/ajax.php
@@ -108,7 +108,9 @@ function save($mask)
        $update[] = sprintf("%s=%s", $field, format_decimal($_POST[$field]));
     } elseif ($info['type'] == 'passwd') {
       if (!empty($_POST[$field]))
-       $update[] = sprintf("%s='%s'", $field, pg_escape_string(passwd($_SESSION['sys']['login'],$_POST[$field])));
+       $update[] = sprintf("%s='%s'", $field,
+                           pg_escape_string(passwd(empty($_POST['login'])?$_SESSION['sys']['login']:$_POST['login'],
+                                                   $_POST[$field])));
     } else {
       if (empty($_POST[$field]) && $info['null'] === true)
         $update[] = sprintf("%s=NULL", $field);