diff --git a/bureau/admin/hta_doedituser.php b/bureau/admin/hta_doedituser.php
index 2e6351d5..5e443a1b 100644
--- a/bureau/admin/hta_doedituser.php
+++ b/bureau/admin/hta_doedituser.php
@@ -52,7 +52,7 @@ if (!$hta->change_pass($user,$newpass,$dir)) {
$error";
}
else {
diff --git a/bureau/admin/hta_list.php b/bureau/admin/hta_list.php
index 73d10b51..bf503e6b 100644
--- a/bureau/admin/hta_list.php
+++ b/bureau/admin/hta_list.php
@@ -42,7 +42,7 @@ else {
$error";
}
diff --git a/bureau/class/m_hta.php b/bureau/class/m_hta.php
index d2bcf396..9e20d57d 100644
--- a/bureau/class/m_hta.php
+++ b/bureau/class/m_hta.php
@@ -104,23 +104,24 @@ class m_hta {
* Returns the list of all user folder currently protected by a .htpasswd file
* @return array Array containing user folder list
*/
- function ListDir() {
- global $err,$mem,$L_ALTERNC_LOC;
- $err->log("hta","listdir");
- $sortie=array();
- $absolute="$L_ALTERNC_LOC/html/".substr($mem->user["login"],0,1)."/".$mem->user["login"];
- exec("find $absolute -name .htpasswd | sort", $sortie);
- if (!count($sortie)) {
- $err->raise("hta",4);
- return false;
- }
- for ($i=0;$ilog("hta","listdir");
+ $sortie=array();
+ $absolute="$L_ALTERNC_LOC/html/".substr($mem->user["login"],0,1)."/".$mem->user["login"];
+ exec("find $absolute -name .htpasswd|sort",$sortie);
+ if(!count($sortie)){
+ $err->raise("hta",4);
+ return false;
+ }
+ $pattern="/^".preg_quote($L_ALTERNC_LOC,"/")."\/html\/.\/[^\/]*\/(.*)\/\.htpasswd/";
+ for($i=0;$iraise("hta",8,$dir);
return false;
}
- if (!unlink("$dir/.htaccess")) {
+ if (!@unlink("$dir/.htaccess")) {
$err->raise("hta",5,$dir);
return false;
}
- if (!unlink("$dir/.htpasswd")) {
+ if (!@unlink("$dir/.htpasswd")) {
$err->raise("hta",6,$dir);
return false;
}
@@ -314,7 +315,7 @@ class m_hta {
// Check this password against the password policy using common API :
if (is_callable(array($admin,"checkPolicy"))) {
- if (!$admin->checkPolicy("hta",$user,$password)) {
+ if (!$admin->checkPolicy("hta",$user,$newpass)) {
return false; // The error has been raised by checkPolicy()
}
}