From 06dbcec5a17691d7d31e52cabba94316f040f13b Mon Sep 17 00:00:00 2001
From: Victor Dubiniuk <victor.dubiniuk@gmail.com>
Date: Mon, 18 Feb 2013 21:20:48 +0300
Subject: Do not set password if it has't provided

---
 settings/ajax/changepassword.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'settings/ajax')

diff --git a/settings/ajax/changepassword.php b/settings/ajax/changepassword.php
index ceb4bbeecb0..1fc6d0e1000 100644
--- a/settings/ajax/changepassword.php
+++ b/settings/ajax/changepassword.php
@@ -8,7 +8,7 @@ OC_JSON::checkLoggedIn();
 OC_APP::loadApps();
 
 $username = isset($_POST["username"]) ? $_POST["username"] : OC_User::getUser();
-$password = $_POST["password"];
+$password = isset($_POST["password"]) ? $_POST["password"] : null;
 $oldPassword=isset($_POST["oldpassword"])?$_POST["oldpassword"]:'';
 
 $userstatus = null;
@@ -28,7 +28,7 @@ if(is_null($userstatus)) {
 }
 
 // Return Success story
-if( OC_User::setPassword( $username, $password )) {
+if(!is_null($password) && OC_User::setPassword( $username, $password )) {
 	OC_JSON::success(array("data" => array( "username" => $username )));
 }
 else{
-- 
cgit v1.2.3