# HG changeset patch # User Dan # Date 1261042195 18000 # Node ID d5474f54a525725d98754551458235201b2879c0 # Parent 277a9cdead3ed594b843e25021b9d1536744e5d5 Fixed undefined $score_min in password change. Potential security concern? diff -r 277a9cdead3e -r d5474f54a525 plugins/SpecialUserPrefs.php --- a/plugins/SpecialUserPrefs.php Thu Dec 17 04:27:50 2009 -0500 +++ b/plugins/SpecialUserPrefs.php Thu Dec 17 04:29:55 2009 -0500 @@ -250,6 +250,7 @@ if ( getConfig('pw_strength_enable') == '1' ) { $score_inp = password_score($newpass); + $score_min = getConfig('pw_strength_minimum', -10); if ( $score_inp < $score_min ) $errors .= '