diff --git a/app/Controllers/usersController.php b/app/Controllers/usersController.php
index 482e35c3e..8954c845d 100644
--- a/app/Controllers/usersController.php
+++ b/app/Controllers/usersController.php
@@ -14,8 +14,21 @@ class FreshRSS_users_Controller extends Minz_ActionController {
if (Minz_Request::isPost()) {
$ok = true;
+ $passwordPlain = Minz_Request::param('passwordPlain', false);
+ if ($passwordPlain != '') {
+ Minz_Request::_param('passwordPlain'); //Discard plain-text password ASAP
+ $_POST['passwordPlain'] = '';
+ if (!function_exists('password_hash')) {
+ include_once(LIB_PATH . '/password_compat.php');
+ }
+ $passwordHash = password_hash($passwordPlain, PASSWORD_BCRYPT); //A bit expensive, on purpose
+ $passwordPlain = '';
+ $this->view->conf->_passwordHash($passwordHash);
+ }
+
$mail = Minz_Request::param('mail_login', false);
$this->view->conf->_mail_login($mail);
+
$ok &= $this->view->conf->save();
$email = $this->view->conf->mail_login;
diff --git a/app/i18n/en.php b/app/i18n/en.php
index 89af15b17..3b9936e8e 100644
--- a/app/i18n/en.php
+++ b/app/i18n/en.php
@@ -161,7 +161,8 @@ return array (
'current_user' => 'Current user',
'default_user' => 'Username of the default user (maximum 16 alphanumeric characters)',
- 'persona_connection_email' => 'Login mail address (for Mozilla Persona)',
+ 'password' =>'Password
(for the Web-form login method)',
+ 'persona_connection_email' => 'Login mail address
(for Mozilla Persona)',
'allow_anonymous' => 'Allow anonymous reading for the default user (%s)',
'auth_token' => 'Authentication token',
'explain_token' => 'Allows to access RSS output of the default user without authentication.
%s?token=%s',
diff --git a/app/i18n/fr.php b/app/i18n/fr.php
index d4c96c1db..7e71cbb6d 100644
--- a/app/i18n/fr.php
+++ b/app/i18n/fr.php
@@ -160,8 +160,9 @@ return array (
'think_to_add' => 'Pensez à en ajouter !',
'current_user' => 'Utilisateur actuel',
+ 'password' =>'Mot de passe
(pour connexion par formulaire)',
'default_user' => 'Nom de l’utilisateur par défaut (16 caractères alphanumériques maximum)',
- 'persona_connection_email' => 'Adresse courriel de connexion (pour Mozilla Persona)',
+ 'persona_connection_email' => 'Adresse courriel de connexion
(pour Mozilla Persona)',
'allow_anonymous' => 'Autoriser la lecture anonyme pour l’utilisateur par défaut (%s)',
'auth_token' => 'Jeton d’identification',
'explain_token' => 'Permet d’accéder à la sortie RSS de l’utilisateur par défaut sans besoin de s’authentifier.
%s?output=rss&token=%s',
diff --git a/app/views/configure/users.phtml b/app/views/configure/users.phtml
index d40a3ad5b..68111bdbe 100644
--- a/app/views/configure/users.phtml
+++ b/app/views/configure/users.phtml
@@ -17,6 +17,14 @@
+
+
conf->mail_login; ?>