diff --git a/src/misc/results_values.php b/src/misc/results_values.php index 3e67071..8b76ebf 100644 --- a/src/misc/results_values.php +++ b/src/misc/results_values.php @@ -28,6 +28,10 @@ define("OK_ACCOUNT", "OK_ACCOUNT"); define("MISSING_PHONE_PARAM", "ERROR_PHONE_PARAMETER_NOT_FOUND"); define("MISSING_USERNAME_PARAM", "ERROR_USERNAME_PARAMETER_NOT_FOUND"); define("MISSING_EMAIL_PARAM", "ERROR_EMAIL_PARAMETER_NOT_FOUND"); +define("MISSING_OLD_HASH", "ERROR_OLD_HASH_NOT_FOUND"); +define("MISSING_NEW_HASH", "ERROR_NEW_HASH_NOT_FOUND"); +define("MISSING_MD5_HASH", "ERROR_MD5_HASH_NOT_FOUND"); +define("MISSING_SHA256_HASH", "ERROR_SHA256_HASH_NOT_FOUND"); define("EMAIL_UNCHANGED", "ERROR_EMAIL_NEW_SAME_AS_OLD"); /* Parameter not available because already in use */ diff --git a/src/xmlrpc/passwords.php b/src/xmlrpc/passwords.php index 6b3cfab..122fd20 100644 --- a/src/xmlrpc/passwords.php +++ b/src/xmlrpc/passwords.php @@ -42,6 +42,10 @@ function xmlrpc_update_password($method, $args) if (!check_parameter($username)) { return MISSING_USERNAME_PARAM; + } elseif (!check_parameter($hashed_old_password, "old password")) { + return MISSING_OLD_HASH; + } elseif (!check_parameter($hashed_new_password, "md5 password")) { + return MISSING_NEW_HASH; } elseif ($algo == null) { return ALGO_NOT_SUPPORTED; } @@ -83,6 +87,16 @@ function xmlrpc_update_passwords($method, $args) $sha256_hashed_password = $args[3]; $domain = get_domain($args[4]); + if (!check_parameter($username)) { + return MISSING_USERNAME_PARAM; + } elseif (!check_parameter($hashed_password, "old password")) { + return MISSING_OLD_HASH; + } elseif (!check_parameter($md5_hashed_password, "md5 password")) { + return MISSING_MD5_HASH; + } elseif (!check_parameter($sha256_hashed_password, "sha256 password")) { + return MISSING_SHA256_HASH; + } + Logger::getInstance()->message("[XMLRPC] xmlrpc_update_passwords(" . $username . ", " . $domain . ")"); $database = new Database();