Support a nulled password in UserEditor::create()

author Tim Düsterhus <duesterhus@woltlab.com>

Tue, 27 Dec 2016 14:10:14 +0000 (15:10 +0100)

committer Tim Düsterhus <duesterhus@woltlab.com>

Tue, 27 Dec 2016 14:12:46 +0000 (15:12 +0100)
author Tim Düsterhus <duesterhus@woltlab.com>
Tue, 27 Dec 2016 14:10:14 +0000 (15:10 +0100)
committer Tim Düsterhus <duesterhus@woltlab.com>
Tue, 27 Dec 2016 14:12:46 +0000 (15:12 +0100)
diff --git a/wcfsetup/install/files/lib/data/user/UserEditor.class.php b/wcfsetup/install/files/lib/data/user/UserEditor.class.php

index c1a19a16428a4a32aa06baa2402e272a602ce5f5..4a2e0cd03a00cc70080312c681c03fa47ff342d0 100644 (file)
--- a/wcfsetup/install/files/lib/data/user/UserEditor.class.php
+++ b/wcfsetup/install/files/lib/data/user/UserEditor.class.php
@@ -40,7 +40,12 @@ class UserEditor extends DatabaseObjectEditor implements IEditableCachedObject {
         public static function create(array $parameters = []) {
                 // create salt and password hash
                 if ($parameters['password'] !== '') {
-                       $parameters['password'] = PasswordUtil::getDoubleSaltedHash($parameters['password']);
+                       if ($parameters['password'] !== null) {
+                               $parameters['password'] = PasswordUtil::getDoubleSaltedHash($parameters['password']);
+                       }
+                       else {
+                               $parameters['password'] = 'invalid:';
+                       }
                 }
                 
                 // create accessToken for AbstractAuthedPage
author	Tim Düsterhus <duesterhus@woltlab.com>
	Tue, 27 Dec 2016 14:10:14 +0000 (15:10 +0100)
committer	Tim Düsterhus <duesterhus@woltlab.com>
	Tue, 27 Dec 2016 14:12:46 +0000 (15:12 +0100)