From bd4f2a2a50ec09f772cbf9312ad45e1178f6b199 Mon Sep 17 00:00:00 2001 From: HB9HIL Date: Thu, 9 May 2024 13:09:34 +0200 Subject: [PATCH] don't overwrite pwd if it's the placeholder --- application/controllers/User.php | 9 +++++---- application/models/User_model.php | 22 ++++++++++++++++------ 2 files changed, 21 insertions(+), 10 deletions(-) diff --git a/application/controllers/User.php b/application/controllers/User.php index bc39cfe83..9816815c5 100644 --- a/application/controllers/User.php +++ b/application/controllers/User.php @@ -227,6 +227,7 @@ class User extends CI_Controller { $query = $this->user_model->get_by_id($this->uri->segment(3)); $data['existing_languages'] = $this->find(); + $pwd_placeholder = '**********'; $this->load->model('bands'); $this->load->library('form_validation'); @@ -276,7 +277,7 @@ class User extends CI_Controller { $data['user_password'] = $this->input->post('user_password',true); } else { if ($q->user_password !== '' && $q->user_password !== null) { - $data['user_password'] = '**********'; + $data['user_password'] = $pwd_placeholder; } else { $data['user_password'] = ''; } @@ -346,7 +347,7 @@ class User extends CI_Controller { $data['user_clublog_password'] = $this->input->post('user_clublog_password', true); } else { if ($q->user_clublog_password !== '' && $q->user_clublog_password !== null) { - $data['user_clublog_password'] = '**********'; + $data['user_clublog_password'] = $pwd_placeholder; } else { $data['user_clublog_password'] = ''; } @@ -356,7 +357,7 @@ class User extends CI_Controller { $data['user_lotw_password'] = $this->input->post('user_lotw_password', true); } else { if ($q->user_lotw_password !== '' && $q->user_lotw_password !== null) { - $data['user_lotw_password'] = '**********'; + $data['user_lotw_password'] = $pwd_placeholder; } else { $data['user_lotw_password'] = ''; } @@ -372,7 +373,7 @@ class User extends CI_Controller { $data['user_eqsl_password'] = $this->input->post('user_eqsl_password', true); } else { if ($q->user_eqsl_password !== '' && $q->user_eqsl_password !== null) { - $data['user_eqsl_password'] = '**********'; + $data['user_eqsl_password'] = $pwd_placeholder; } else { $data['user_eqsl_password'] = ''; } diff --git a/application/models/User_model.php b/application/models/User_model.php index a362e6574..fb8451ff7 100644 --- a/application/models/User_model.php +++ b/application/models/User_model.php @@ -291,32 +291,42 @@ class User_Model extends CI_Model { return EEMAILEXISTS; } + $pwd_placeholder = '**********'; + // Hash password if($fields['user_password'] != NULL) { - $data['user_password'] = $this->_hash($fields['user_password']); - if($data['user_password'] == EPASSWORDINVALID) { - return EPASSWORDINVALID; + if ($fields['user_password'] !== $pwd_placeholder) { + $data['user_password'] = $this->_hash($fields['user_password']); + if($data['user_password'] == EPASSWORDINVALID) { + return EPASSWORDINVALID; + } } } if($fields['user_lotw_password'] != '') { - $data['user_lotw_password'] = $fields['user_lotw_password']; + if ($fields['user_lotw_password'] !== $pwd_placeholder) { + $data['user_lotw_password'] = $fields['user_lotw_password']; + } } else { $data['user_lotw_password'] = NULL; } if($fields['user_clublog_password'] != '') { - $data['user_clublog_password'] = $fields['user_clublog_password']; + if ($fields['user_clublog_password'] !== $pwd_placeholder) { + $data['user_clublog_password'] = $fields['user_clublog_password']; + } } else { $data['user_clublog_password'] = NULL; } if($fields['user_eqsl_password'] != '') { - $data['user_eqsl_password'] = $fields['user_eqsl_password']; + if ($fields['user_eqsl_password'] !== $pwd_placeholder) { + $data['user_eqsl_password'] = $fields['user_eqsl_password']; + } } else { $data['user_eqsl_password'] = NULL; }