From 1860521e74fb955c09ff32ac9629c0a8195e114a Mon Sep 17 00:00:00 2001
From: Denis Flaven <denis.flaven@combodo.com>
Date: Mon, 25 Oct 2010 15:49:20 +0000
Subject: [PATCH] Fixed Trac #306: corrupted password when user creation fails
 at first attempt.

SVN:trunk[928]
---
 application/ui.passwordwidget.class.inc.php | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/application/ui.passwordwidget.class.inc.php b/application/ui.passwordwidget.class.inc.php
index 37353b73a..cd53e411e 100644
--- a/application/ui.passwordwidget.class.inc.php
+++ b/application/ui.passwordwidget.class.inc.php
@@ -52,10 +52,13 @@ class UIPasswordWidget
 	{
 		$sCode = $this->sAttCode.$this->sNameSuffix;
 		$iWidgetIndex = self::$iWidgetIndex;
+		$sPasswordValue = utils::ReadPostedParam("attr_$sCode", '*****');
+		$sConfirmPasswordValue = utils::ReadPostedParam("attr_{$sCode}_confirmed", '*****');
+		$sChangedValue = (($sPasswordValue != '*****') || ($sConfirmPasswordValue != '*****')) ? 1 : 0;
 		$sHtmlValue = '';
-		$sHtmlValue = '<input type="password" maxlength="255" name="attr_'.$sCode.'" id="'.$this->iId.'" value="*****"/>&nbsp;<span id="v_'.$this->iId.'"></span><br/>';
-		$sHtmlValue .= '<input type="password" maxlength="255" id="'.$this->iId.'_confirm" value="*****"/> '.Dict::S('UI:PasswordConfirm').' <input type="button" value="'.Dict::S('UI:Button:ResetPassword').'" onClick="ResetPwd(\''.$this->iId.'\');">';
-		$sHtmlValue .= '<input type="hidden" id="'.$this->iId.'_changed" name="attr_'.$sCode.'_changed" value="0"/>';
+		$sHtmlValue = '<input type="password" maxlength="255" name="attr_'.$sCode.'" id="'.$this->iId.'" value="'.htmlentities($sPasswordValue, ENT_QUOTES, 'UTF-8').'"/>&nbsp;<span id="v_'.$this->iId.'"></span><br/>';
+		$sHtmlValue .= '<input type="password" maxlength="255" id="'.$this->iId.'_confirm" value="'.htmlentities($sConfirmPasswordValue, ENT_QUOTES, 'UTF-8').'" name="attr_'.$sCode.'_confirmed"/> '.Dict::S('UI:PasswordConfirm').' <input type="button" value="'.Dict::S('UI:Button:ResetPassword').'" onClick="ResetPwd(\''.$this->iId.'\');">';
+		$sHtmlValue .= '<input type="hidden" id="'.$this->iId.'_changed" name="attr_'.$sCode.'_changed" value="'.$sChangedValue.'"/>';
 
 		$oPage->add_ready_script("$('#$this->iId').bind('keyup change', function(evt) { return PasswordFieldChanged('$this->iId') } );"); // Bind to a custom event: validate
 		$oPage->add_ready_script("$('#$this->iId').bind('keyup change', function(evt) { return PasswordFieldChanged('$this->iId') } );"); // Bind to a custom event: validate