From 66d75d16fcc1e531811fb3bcf32a2f4318c01588 Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Fri, 7 May 2010 14:48:10 +0000
Subject: [PATCH] - Patch #547490 by ugerhard, Jody Lynn, Matt V.: entering
 only 'Confirm password' field passes validation and returns success message.

---
 includes/form.inc      |  4 ++--
 modules/user/user.test | 14 +++++++++++++-
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/includes/form.inc b/includes/form.inc
index f271eebfe850..cc24451084c6 100644
--- a/includes/form.inc
+++ b/includes/form.inc
@@ -2174,8 +2174,8 @@ function form_process_password_confirm($element) {
  */
 function password_confirm_validate($element, &$element_state) {
   $pass1 = trim($element['pass1']['#value']);
-  if (!empty($pass1)) {
-    $pass2 = trim($element['pass2']['#value']);
+  $pass2 = trim($element['pass2']['#value']);
+  if (!empty($pass1) || !empty($pass2)) {
     if (strcmp($pass1, $pass2)) {
       form_error($element, t('The specified passwords do not match.'));
     }
diff --git a/modules/user/user.test b/modules/user/user.test
index 78e121672d74..732782d6afcc 100644
--- a/modules/user/user.test
+++ b/modules/user/user.test
@@ -55,7 +55,7 @@ class UserRegistrationTestCase extends DrupalWebTestCase {
     $edit['pass[pass1]'] = '99999.0';
     $edit['pass[pass2]'] = '99999';
     $this->drupalPost('user/register', $edit, t('Create new account'));
-    $this->assertText(t('The specified passwords do not match.'), t('Type mismatched passwords display an error message.'));
+    $this->assertText(t('The specified passwords do not match.'), t('Typing mismatched passwords displays an error message.'));
 
     // Enter a correct password.
     $edit['pass[pass1]'] = $new_pass = $this->randomName();
@@ -1391,6 +1391,18 @@ class UserEditTestCase extends DrupalWebTestCase {
     $this->drupalPost("user/$user1->uid/edit", $edit, t('Save'));
     $this->assertRaw(t('The name %name is already taken.', array('%name' => $edit['name'])));
 
+    // Check that filling out a single password field does not validate.
+    $edit = array();
+    $edit['pass[pass1]'] = '';
+    $edit['pass[pass2]'] = $this->randomName();
+    $this->drupalPost("user/$user1->uid/edit", $edit, t('Save'));
+    $this->assertText(t("The specified passwords do not match."), t('Typing mismatched passwords displays an error message.'));
+
+    $edit['pass[pass1]'] = $this->randomName();
+    $edit['pass[pass2]'] = '';
+    $this->drupalPost("user/$user1->uid/edit", $edit, t('Save'));
+    $this->assertText(t("The specified passwords do not match."), t('Typing mismatched passwords displays an error message.'));
+
     // Test that the error message appears when attempting to change the mail or
     // pass without the current password.
     $edit = array();
-- 
GitLab