From 1ab30c26e6912cd0c05a91ed9862fb70449fe17a Mon Sep 17 00:00:00 2001 From: Albert Santoni Date: Fri, 1 Aug 2014 15:38:35 -0400 Subject: [PATCH] Enforce non-empty passwords when editing user settings --- airtime_mvc/application/controllers/UserController.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/airtime_mvc/application/controllers/UserController.php b/airtime_mvc/application/controllers/UserController.php index 285adfd2d..7c811acb0 100644 --- a/airtime_mvc/application/controllers/UserController.php +++ b/airtime_mvc/application/controllers/UserController.php @@ -146,7 +146,8 @@ class UserController extends Zend_Controller_Action // We don't allow 6 x's as a password. // The reason is because we use that as a password placeholder // on the client side. - if ($formData['cu_password'] != "xxxxxx") { + if (($formData['cu_password'] != "xxxxxx") && + (!empty($formData['cu_password'])) { $user->setPassword($formData['cu_password']); } $user->setEmail($formData['cu_email']);