Added check for empty passwords on update of MySQL users.

2c75b730 · Till Brehm · a632b0bc · 2c75b730
Commit 2c75b730 authored 8 years ago by Till Brehm
--- a/server/plugins-available/mysql_clientdb_plugin.inc.php
+++ b/server/plugins-available/mysql_clientdb_plugin.inc.php
@@ -142,8 +142,10 @@ class mysql_clientdb_plugin {
 			} elseif($action == 'PASSWORD') {
 				//if(!$link->query("SET PASSWORD FOR '".$link->escape_string($database_user)."'@'$db_host' = '".$link->escape_string($database_password)."'")) $success = false;
 				// SET PASSWORD for already hashed passwords is not supported by latest MySQL 5.7 anymore, so we set it directly
-				if(!$link->query("UPDATE mysql.user SET `Password` = '".$link->escape_string($database_password)."' WHERE `Host` = '".$db_host."' AND `User` = '".$link->escape_string($database_user)."'")) $success = false;
-				if($success == true) $link->query("FLUSH PRIVILEGES");
+				if(trim($database_password) != '') {
+					if(!$link->query("UPDATE mysql.user SET `Password` = '".$link->escape_string($database_password)."' WHERE `Host` = '".$db_host."' AND `User` = '".$link->escape_string($database_user)."'")) $success = false;
+					if($success == true) $link->query("FLUSH PRIVILEGES");
+				}
 			}
 		}