Index: openacs-4/packages/acs-subsite/www/user/password-update.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/www/user/password-update.tcl,v
diff -u -r1.27 -r1.28
--- openacs-4/packages/acs-subsite/www/user/password-update.tcl	7 Apr 2018 19:30:45 -0000	1.27
+++ openacs-4/packages/acs-subsite/www/user/password-update.tcl	3 Sep 2024 15:37:34 -0000	1.28
@@ -1,7 +1,7 @@
 ad_page_contract {
     Let's the user change his/her password.  Asks
     for old password, new password, and confirmation.
-    
+
     @cvs-id $Id$
 } {
     {user_id:naturalnum,notnull {[ad_conn untrusted_user_id]}}
@@ -22,10 +22,10 @@
     # If old_password is set, this is a user who has had his password recovered,
     # so they won't be authenticated yet.
 } else {
-    set level [ad_decode [security::RestrictLoginToSSLP] 1 "secure" "ok"]
+    set level [expr {[security::RestrictLoginToSSLP] ? "secure" : "ok"}]
 
     # If the user is changing passwords for another user, they need to be account ok
-    set account_status [ad_decode $user_id [ad_conn untrusted_user_id] "closed" "ok"]
+    set account_status [expr {$user_id == [ad_conn untrusted_user_id] ? "closed" : "ok"}]
 
     auth::require_login \
         -level $level \
@@ -84,23 +84,23 @@
         {html {size 20}}
     }
 } -on_request {
-    
+
 } -validate {
     {password_1
         { [string equal $password_1 $password_2] }
         { Passwords don't match }
     }
 } -on_submit {
-    
+
     if { $old_password ne "" } {
         set password_old $old_password
     }
-    
+
     array set result [auth::password::change \
                           -user_id $user_id \
                           -old_password $password_old \
                           -new_password $password_1]
-    
+
     switch -- $result(password_status) {
         ok {
             # Continue
@@ -123,18 +123,18 @@
             break
         }
     }
-    
+
     # If old_password was supplied, handle authentication and log the user in
     if { $old_password ne "" } {
-        
+
         # We use full-scale auth::authenticate here, in order to be sure we also get account-status checked
         # Hm. What if there's a problem with timing, so the password update doesn't take effect immediately?
         array set auth_info [auth::authenticate \
                 -return_url $return_url \
                 -authority_id $user(authority_id) \
                 -username $user(username) \
                 -password $password_1]
-        
+
         # Handle authentication problems
         switch -- $auth_info(auth_status) {
             ok {
@@ -146,7 +146,7 @@
                 break
             }
         }
-        
+
         if { [info exists auth_info(account_url)] && $auth_info(account_url) ne "" } {
             ad_returnredirect $auth_info(account_url)
             ad_script_abort
@@ -169,7 +169,7 @@
     if {[ad_conn account_status] eq "closed"} {
         auth::verify_account_status
     }
-    
+
 } -after_submit {
     if { $return_url eq "" } {
         set return_url [ad_pvt_home]