From ef0b4c6ee2896e4abca9b86f9b20fd227d8ccd19 Mon Sep 17 00:00:00 2001 From: Gabriele Date: Thu, 4 Dec 2014 18:47:45 +0100 Subject: [PATCH] Don't overwrite WebUI password when changing preferences The input field to change password does not contain the actual password, but its hash. When the preferences are saved, the hashed password is considered as a new password. Prevent this by comparing the new password with the hash of the previous password. Closes #2241. --- src/preferences/preferences.cpp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/preferences/preferences.cpp b/src/preferences/preferences.cpp index 542c9d312..9d7e1d910 100644 --- a/src/preferences/preferences.cpp +++ b/src/preferences/preferences.cpp @@ -958,6 +958,10 @@ QString Preferences::getWebUiPassword() const { } void Preferences::setWebUiPassword(const QString &new_password) { + // Do not overwrite current password with its hash + if (new_password == getWebUiPassword()) + return; + // Encode to md5 and save QCryptographicHash md5(QCryptographicHash::Md5); md5.addData(new_password.toLocal8Bit());