X-Git-Url: https://ruin.nu/git/?a=blobdiff_plain;f=lib%2FNDWeb%2FController%2FSettings.pm;h=717b9095bb88991db31ef996d2cc79b86587421b;hb=2c227a364191710527b3baa3529ca23a0cf1df6f;hp=5780c2b92921411655ba2e7b136fdcdcaa780d4b;hpb=23470c3481cbd9e7dfa3bfa5cf05bbb41d098cc6;p=ndwebbie.git

diff --git a/lib/NDWeb/Controller/Settings.pm b/lib/NDWeb/Controller/Settings.pm
index 5780c2b..717b909 100644
--- a/lib/NDWeb/Controller/Settings.pm
+++ b/lib/NDWeb/Controller/Settings.pm
@@ -112,12 +112,16 @@ sub changePassword : Local {
 	my ( $self, $c ) = @_;
 	my $dbh = $c->model;
 
-	my $query = $dbh->prepare(q{UPDATE users SET password = MD5($1)
-		WHERE password = MD5($2) AND uid = $3
+	if (length $c->req->param('pass') < 4) {
+		$c->flash(error => "Your password need to be at least 4 characters");
+	} else {
+		my $query = $dbh->prepare(q{UPDATE users SET password = $1
+			WHERE password = crypt($2,password) AND uid = $3
 		});
-	$query->execute($c->req->param('pass'),$c->req->param('oldpass'),$c->user->id);
+		$query->execute($c->req->param('pass'),$c->req->param('oldpass'),$c->user->id);
 
-	$c->flash(error => "Old password was invalid") unless $query->rows;
+		$c->flash(error => "Old password was invalid") unless $query->rows;
+	}
 
 	$c->res->redirect($c->uri_for(''));
 }
@@ -144,7 +148,7 @@ INSERT INTO email_change (uid,email) VALUES ($1,$2) RETURNING id;
 		my ($id) = $insert->fetchrow_array;
 
 		my %mail = (
-			smtp => 'ruin.nu',
+			smtp => 'localhost',
 			To      => $email,
 			From    => 'NewDawn Command <nd@ruin.nu>',
 			'Content-type' => 'text/plain; charset="UTF-8"',