diff --git a/gosa-core/plugins/admin/users/class_userManagement.inc b/gosa-core/plugins/admin/users/class_userManagement.inc
index 1574f72dc785d7f5c66f5a5ebc139476d951f252..f15817603281d8ed9823003180d3b9f6383b5c57 100644 (file)
$ldap->cd($this->config->current['BASE']);
$ldap->cat($this->dn,array('uid'));
$attrs = $ldap->fetch();
- exec($this->config->get_cfg_value("passwordHook")." ".$attrs['uid'][0]." ".$_POST['new_password'], $resarr);
+ exec($this->config->get_cfg_value("passwordHook")." ".
+ escapeshellarg($attrs['uid'][0])." ".escapeshellarg($new_password), $resarr);
+ $check_hook_output = "";
+ if(count($resarr) > 0) {
+ $check_hook_output= join('\n', $resarr);
+ }
+ if(!empty($check_hook_output)){
+ $message[] = sprintf(_("Check-hook reported a problem: %s. Password change canceled!"),$check_hook_output);
+ msg_dialog::displayChecks($message);
+ return($smarty->fetch(get_template_path('password.tpl', TRUE)));
+ }
}
+
// The user has to change his password on next login
// - We are going to update samba and posix attributes here, to enforce
// such a password change.