diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php
index 5ac72ed24..81b3f7e08 100644
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -1006,7 +1006,7 @@ function edit_user_account($_data) {
 update_sogo_static_view();
 }
 // edit password recovery email
- elseif (isset($pw_recovery_email)) {
+ elseif (!empty($password_old) && isset($pw_recovery_email)) {
 if (!isset($_SESSION['acl']['pw_reset']) || $_SESSION['acl']['pw_reset'] != "1" ) {
 $_SESSION['return'][] = array(
 'type' => 'danger',
@@ -1016,6 +1016,21 @@ function edit_user_account($_data) {
 return false;
 }
+ $stmt = $pdo->prepare("SELECT `password` FROM `mailbox`
+ WHERE `kind` NOT REGEXP 'location|thing|group'
+ AND `username` = :user AND authsource = 'mailcow'");
+ $stmt->execute(array(':user' => $username));
+ $row = $stmt->fetch(PDO::FETCH_ASSOC);
+
+ if (!verify_hash($row['password'], $password_old)) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_data_log),
+ 'msg' => 'access_denied'
+ );
+ return false;
+ }
+
 $pw_recovery_email = (!filter_var($pw_recovery_email, FILTER_VALIDATE_EMAIL)) ? '' : $pw_recovery_email;
 $stmt = $pdo->prepare("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.recovery_email', :recovery_email) WHERE `username` = :username AND authsource = 'mailcow'");
diff --git a/data/web/templates/modals/user.twig b/data/web/templates/modals/user.twig
index b8e3bf3ab..41f173adb 100644
--- a/data/web/templates/modals/user.twig
+++ b/data/web/templates/modals/user.twig
@@ -326,6 +326,12 @@
 {{ lang.user.password_reset_info }}
+
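Review bot: `$stmt->fetch(PDO::FETCH_ASSOC)` returns `false` when the SELECT matches no row (a username whose `authsource` is not `'mailcow'`, or whose `kind` is location/thing/group), so the new `verify_hash($row['password'], $password_old)` call reads an offset on `false` and hands `null` to `verify_hash`; the lookup result should be checked explicitly, e.g. `if ($row === false || !verify_hash($row['password'], $password_old)) {`. Whether `verify_hash()` rejects a null hash is not visible here, so the outcome for such accounts currently depends on a function defined elsewhere rather than on this branch. On the first hunk, adding `!empty($password_old)` to the `elseif` means a request carrying `pw_recovery_email` but no old password no longer enters this branch at all and, unless a later branch of the chain reports it, is dropped without any `access_denied`-style message; rejecting the missing password inside the branch would make the denial explicit and logged. `edit_user_account` begins and ends outside both hunks.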
+ +
+ +
+