From 1ab30c26e6912cd0c05a91ed9862fb70449fe17a Mon Sep 17 00:00:00 2001
From: Albert Santoni <albert.santoni@sourcefabric.org>
Date: Fri, 1 Aug 2014 15:38:35 -0400
Subject: [PATCH] Enforce non-empty passwords when editing user settings

---
 airtime_mvc/application/controllers/UserController.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/airtime_mvc/application/controllers/UserController.php b/airtime_mvc/application/controllers/UserController.php
index 285adfd2d..7c811acb0 100644
--- a/airtime_mvc/application/controllers/UserController.php
+++ b/airtime_mvc/application/controllers/UserController.php
@@ -146,7 +146,8 @@ class UserController extends Zend_Controller_Action
                 // We don't allow 6 x's as a password.
                 // The reason is because we use that as a password placeholder
                 // on the client side.
-                if ($formData['cu_password'] != "xxxxxx") {
+                if (($formData['cu_password'] != "xxxxxx") &&
+                    (!empty($formData['cu_password'])) {
                     $user->setPassword($formData['cu_password']);
                 }
                 $user->setEmail($formData['cu_email']);