diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index 05063303e75..3ccb2284a99 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -1166,7 +1166,7 @@ class Adherent extends CommonObject if ($result >= 0) { $result = $luser->setPassword($user, $this->pass, 0, 0, 1); - if ($result < 0) { + if (is_numeric($result) && $result < 0) { $this->error = $luser->error; dol_syslog(get_class($this)."::setPassword ".$this->error, LOG_ERR); $error++; diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 1390a7d3034..f92042879d9 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -2045,7 +2045,7 @@ class User extends CommonObject if ($this->pass != $this->pass_indatabase && !dol_verifyHash($this->pass, $this->pass_indatabase_crypted)) { // If a new value for password is set and different than the one crypted into database $result = $this->setPassword($user, $this->pass, 0, $notrigger, $nosyncmemberpass, 0, 1); - if ($result < 0) { + if (is_numeric($result) && $result < 0) { return -5; } } diff --git a/htdocs/user/passwordforgotten.php b/htdocs/user/passwordforgotten.php index e8f5baf954c..281075e12fc 100644 --- a/htdocs/user/passwordforgotten.php +++ b/htdocs/user/passwordforgotten.php @@ -142,16 +142,16 @@ if (empty($reshook)) { $messagewarning .= ''; if ($result <= 0 && $edituser->error == 'USERNOTFOUND') { - usleep(20000); // add delay to simulate setPassword and send_password actions delay + usleep(20000); // add delay to simulate setPassword and send_password actions delay (0.02s) $message .= $messagewarning; $username = ''; } else { if (empty($edituser->email)) { - usleep(20000); // add delay to simulate setPassword and send_password actions delay + usleep(20000); // add delay to simulate setPassword and send_password actions delay (0.02s) $message .= $messagewarning; } else { $newpassword = $edituser->setPassword($user, '', 1); - if ($newpassword < 0) { + if (is_numeric($newpassword) && $newpassword < 0) { // Technical failure $message = '
'.$langs->trans("ErrorFailedToChangePassword").'
'; } else { diff --git a/htdocs/webservices/server_user.php b/htdocs/webservices/server_user.php index 9672fa1b4fc..aef600a424d 100644 --- a/htdocs/webservices/server_user.php +++ b/htdocs/webservices/server_user.php @@ -691,13 +691,13 @@ function setUserPassword($authentication, $shortuser) $res = $userstat->fetch('', $shortuser['login']); if ($res) { $res = $userstat->setPassword($userstat, $shortuser['password']); - if ($res) { + if (is_numeric($res) && $res < 0) { + $error++; + $errorcode = 'NOT_MODIFIED'; $errorlabel = 'Error when changing password'; + } else { $objectresp = array( 'result'=>array('result_code' => 'OK', 'result_label' => ''), ); - } else { - $error++; - $errorcode = 'NOT_MODIFIED'; $errorlabel = 'Error when changing password'; } } else { $error++;