summaryrefslogtreecommitdiffstats
path: root/app
diff options
context:
space:
mode:
Diffstat (limited to 'app')
-rw-r--r--app/models/user.rb2
1 files changed, 2 insertions, 0 deletions
diff --git a/app/models/user.rb b/app/models/user.rb
index 2dd698f28..ae81d46d2 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -83,6 +83,8 @@ class User < ActiveRecord::Base
# Returns the user that matches provided login and password, or nil
def self.try_to_login(login, password)
+ # Make sure no one can sign in with an empty password
+ return nil if password.to_s.empty?
user = find(:first, :conditions => ["login=?", login])
if user
# user is already in local database
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-13 03:30:23 +0000