From: Janusz Dobrowolski <janusz@frontaccounting.eu>
Date: Mon, 13 Apr 2015 17:03:26 +0000 (+0200)
Subject: Empty password is forbidden when creating new user account.
X-Git-Tag: 2.3-final~46^2~1
X-Git-Url: https://delta.frontaccounting.com/gitweb/?p=fa-stable.git;a=commitdiff_plain;h=e3004d8581b1ea3c02bfe2b1e880990309c4459e

Empty password is forbidden when creating new user account.
---

diff --git a/admin/users.php b/admin/users.php
index 135e0068..2074bc19 100644
--- a/admin/users.php
+++ b/admin/users.php
@@ -23,7 +23,7 @@ include_once($path_to_root . "/admin/db/users_db.inc");
 simple_page_mode(true);
 //-------------------------------------------------------------------------------------------------
 
-function can_process() 
+function can_process($new) 
 {
 
 	if (strlen($_POST['user_id']) < 4)
@@ -33,7 +33,7 @@ function can_process()
 		return false;
 	}
 
-	if ($_POST['password'] != "") 
+	if (!$new && ($_POST['password'] != ""))
 	{
     	if (strlen($_POST['password']) < 4)
     	{
@@ -58,7 +58,7 @@ function can_process()
 if (($Mode=='ADD_ITEM' || $Mode=='UPDATE_ITEM') && check_csrf_token())
 {
 
-	if (can_process())
+	if (can_process($Mode == 'ADD_ITEM'))
 	{
     	if ($selected_id != -1) 
     	{