From be139c85a8ea7809a710a4be57b40a9001026117 Mon Sep 17 00:00:00 2001 From: tobiasKaminsky Date: Wed, 23 Nov 2016 21:44:38 +0100 Subject: empty password only allowed if password link is sent Signed-off-by: Morris Jobke --- lib/private/User/Manager.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/private/User/Manager.php b/lib/private/User/Manager.php index cb726b55eac..39845fba88d 100644 --- a/lib/private/User/Manager.php +++ b/lib/private/User/Manager.php @@ -281,10 +281,10 @@ class Manager extends PublicEmitter implements IUserManager { if (strlen(trim($uid, "\t\n\r\0\x0B\xe2\x80\x8b")) !== strlen(trim($uid))) { throw new \Exception($l->t('Username contains whitespace at the beginning or at the end')); } - // No empty password -// if (trim($password) == '') { -// throw new \Exception($l->t('A valid password must be provided')); -// } + // empty password only allowed if password link is sent + if (trim($password) == '' && $this->config->getAppValue('core', 'umgmt_send_passwordlink', 'false') === 'false') { + throw new \Exception($l->t('A valid password must be provided')); + } // Check if user already exists if ($this->userExists($uid)) { -- cgit v1.2.3