Fixes #1301. Not filtering passwords.

author: Brett Profitt <brett.profitt@gmail.com> 2012-04-18 20:22:54 -0700
committer: Brett Profitt <brett.profitt@gmail.com> 2012-04-18 20:22:54 -0700
commit: 8aad9f081b9fd83f8cd8358547234fbdcdaf9611 (patch)
tree: 98ec37f919182a4c0c582752614443ea4d648ca1 /engine/lib/user_settings.php
parent: f2a80038cddec5ed86b3dd9edb31cf07e3376de8 (diff)
download: elgg-8aad9f081b9fd83f8cd8358547234fbdcdaf9611.tar.gz
elgg-8aad9f081b9fd83f8cd8358547234fbdcdaf9611.tar.bz2
1 files changed, 3 insertions, 3 deletions
diff --git a/engine/lib/user_settings.php b/engine/lib/user_settings.php
index af30d8f0d..e4069fb53 100644
--- a/engine/lib/user_settings.php
+++ b/engine/lib/user_settings.php
@@ -33,9 +33,9 @@ function users_settings_save() {
  * @access private
  */
 function elgg_set_user_password() {
-	$current_password = get_input('current_password');
-	$password = get_input('password');
-	$password2 = get_input('password2');
+	$current_password = get_input('current_password', null, false);
+	$password = get_input('password', null, false);
+	$password2 = get_input('password2', null, false);
 	$user_guid = get_input('guid');
 
 	if (!$user_guid) {
author	Brett Profitt <brett.profitt@gmail.com>	2012-04-18 20:22:54 -0700
committer	Brett Profitt <brett.profitt@gmail.com>	2012-04-18 20:22:54 -0700
commit	8aad9f081b9fd83f8cd8358547234fbdcdaf9611 (patch)
tree	98ec37f919182a4c0c582752614443ea4d648ca1 /engine/lib/user_settings.php
parent	f2a80038cddec5ed86b3dd9edb31cf07e3376de8 (diff)
download	elgg-8aad9f081b9fd83f8cd8358547234fbdcdaf9611.tar.gz elgg-8aad9f081b9fd83f8cd8358547234fbdcdaf9611.tar.bz2