From 03dc0a105fcb280621b827643c49866c4b2c9283 Mon Sep 17 00:00:00 2001 From: the_systech Date: Wed, 6 Mar 2002 21:58:49 +0000 Subject: Fix for bug #525357... Admin password should not be allowed to be blank for security reasons... git-svn-id: file:///svn/phpbb/trunk@2278 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/install.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB') diff --git a/phpBB/install.php b/phpBB/install.php index a97c049a58..27bff21ebe 100644 --- a/phpBB/install.php +++ b/phpBB/install.php @@ -500,7 +500,7 @@ else if( !empty($HTTP_POST_VARS['ftp_file']) && !defined("PHPBB_INSTALLED") ) exit(); } } -else if( ( empty($install_step) || $admin_pass1 != $admin_pass2 || $dbhost == "" ) && !defined("PHPBB_INSTALLED") ) +else if( ( empty($install_step) || $admin_pass1 != $admin_pass2 || empty($admin_pass1) || $dbhost == "" ) && !defined("PHPBB_INSTALLED") ) { // // Ok we haven't installed before so lets work our way through the various @@ -514,7 +514,7 @@ else if( ( empty($install_step) || $admin_pass1 != $admin_pass2 || $dbhost == "" // $instruction_text = $lang['Inst_Step_0']; - if( $HTTP_POST_VARS['admin_pass1'] != $HTTP_POST_VARS['admin_pass2'] ) + if( ($HTTP_POST_VARS['admin_pass1'] != $HTTP_POST_VARS['admin_pass2']) || empty($HTTP_POST_VARS['admin_pass1'] ) { $instruction_text = $lang['Password_mismatch'] . '
' . $instruction_text; } -- cgit v1.2.1