From: Tim Düsterhus Date: Tue, 14 Jun 2016 20:03:51 +0000 (+0200) Subject: Allow nulling a password X-Git-Tag: 3.0.0_Beta_1~890^2~4 X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=c21b89bef7accdbadd51f28f3005d44c8c3b5cea;p=GitHub%2FWoltLab%2FWCF.git Allow nulling a password --- diff --git a/wcfsetup/install/files/lib/data/user/UserEditor.class.php b/wcfsetup/install/files/lib/data/user/UserEditor.class.php index 92415beb85..b8b11f7cb7 100644 --- a/wcfsetup/install/files/lib/data/user/UserEditor.class.php +++ b/wcfsetup/install/files/lib/data/user/UserEditor.class.php @@ -71,8 +71,13 @@ class UserEditor extends DatabaseObjectEditor implements IEditableCachedObject { */ public function update(array $parameters = []) { // update salt and create new password hash - if (isset($parameters['password']) && $parameters['password'] !== '') { - $parameters['password'] = PasswordUtil::getDoubleSaltedHash($parameters['password']); + if (array_key_exists('password', $parameters) && $parameters['password'] !== '') { + if ($parameters['password'] === null) { + $parameters['password'] = 'invalid:'; + } + else { + $parameters['password'] = PasswordUtil::getDoubleSaltedHash($parameters['password']); + } $parameters['accessToken'] = StringUtil::getRandomID(); // update accessToken