Revision: 1277
http://mrbs.svn.sourceforge.net/mrbs/?rev=1277&view=rev
Author: cimorrison
Date: 2009-12-08 18:07:35 +0000 (Tue, 08 Dec 2009)
Log Message:
-----------
Fixed a bug in the last change (Rev 1276): passwords should only be validated
if it's a new user, or an existing user changing their password.
Revision Links:
--------------
http://mrbs.svn.sourceforge.net/mrbs/?rev=1276&view=rev
Modified Paths:
--------------
mrbs/trunk/web/edit_users.php
Modified: mrbs/trunk/web/edit_users.php
===================================================================
--- mrbs/trunk/web/edit_users.php 2009-12-08 14:10:13 UTC (rev 1276)
+++ mrbs/trunk/web/edit_users.php 2009-12-08 18:07:35 UTC (rev 1277)
@@ -472,7 +472,7 @@
// so don't do anything; otherwise get the MD5 hash.
// Note: we don't put the password in the query string
// for security reasons.
- if ($password0 != "")
+ if (!empty($password0))
{
$values[$fieldname]=md5($password0);
}
@@ -538,10 +538,15 @@
$q_string .= "&pwd_not_match=1";
}
// check that the password conforms to the password policy
- if (!validate_password($password0))
+ // if it's a new user (Id < 0), or else it's an existing user
+ // trying to change their password
+ if (($Id <0) || !empty($password0))
{
- $valid_data = FALSE;
- $q_string .= "&pwd_invalid=1";
+ if (!validate_password($password0))
+ {
+ $valid_data = FALSE;
+ $q_string .= "&pwd_invalid=1";
+ }
}
break;
case 'email':
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
------------------------------------------------------------------------------
Return on Information:
Google Enterprise Search pays you back
Get the facts.
http://p.sf.net/sfu/google-dev2dev
_______________________________________________
Mrbs-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mrbs-commits
