change password bugfix + md5 hashing script for passwords

[mir.git] / source / mircoders / servlet / ServletModuleUsers.java

diff --git a/source/mircoders/servlet/ServletModuleUsers.java b/source/mircoders/servlet/ServletModuleUsers.java
index cb331e4..23333ef 100755 (executable)
--- a/source/mircoders/servlet/ServletModuleUsers.java
+++ b/source/mircoders/servlet/ServletModuleUsers.java
@@ -53,6 +53,8 @@ import mircoders.entity.EntityUsers;
 import mircoders.global.MirGlobal;
 import mircoders.module.ModuleUsers;
 import mircoders.storage.DatabaseUsers;
+import mircoders.localizer.*;
+import mircoders.global.*;
 
 /*
  *  ServletModuleUsers -
@@ -193,7 +195,7 @@ public class ServletModuleUsers extends ServletModule
 
       String newPassword=validatePassword(ServletHelper.getUser(aRequest), requestParser);
       if (newPassword!=null)
-        withValues.put("password", newPassword);
+        withValues.put("password", MirGlobal.localizer().adminInterface().makePasswordDigest(newPassword));
 
       mainModule.set(withValues);
 
@@ -216,7 +218,7 @@ public class ServletModuleUsers extends ServletModule
 
       String newPassword=validatePassword(ServletHelper.getUser(aRequest), requestParser);
       if (newPassword!=null) {
-        user.setValueForProperty("password", newPassword);
+        user.setValueForProperty("password", MirGlobal.localizer().adminInterface().makePasswordDigest(newPassword));
         user.update();
 
         // hackish: to make sure the cached logged in user is up-to-date: