2 files changed, 52 insertions, 1 deletions

diff --git a/actions/user/name.php b/actions/user/name.php
index 8ecfa856d..bbeed85ec 100644
--- a/actions/user/name.php
+++ b/actions/user/name.php
@@ -24,7 +24,7 @@
 	else
 		$user = get_entity($user_id);
 		
-	if ($user)
+	if (($user) && ($name))
 	{
 		$user->name = $name;
 		if ($user->save())
diff --git a/actions/user/password.php b/actions/user/password.php
new file mode 100644
index 000000000..4c7ceb65c
--- /dev/null
+++ b/actions/user/password.php
@@ -0,0 +1,51 @@
+<?php
+	/**
+	 * Action for changing a user's password
+	 * 
+	 * @package Elgg
+	 * @subpackage Core
+	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+	 * @author Marcus Povey
+	 * @copyright Curverider Ltd 2008
+	 * @link http://elgg.org/
+	 */
+
+	require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php");
+	global $CONFIG;
+
+	gatekeeper();
+	
+	$password = get_input('password');
+	$password2 = get_input('password2');
+	$user_id = get_input('guid');
+	$user = "";
+	
+	if (!$user_id)
+		$user = $_SESSION['user'];
+	else
+		$user = get_entity($user_id);
+		
+	if (($user) && ($password!=""))
+	{
+		if (strlen($password)>=4)
+		{
+			if ($password == $password2)
+			{
+				$user->password = generate_user_password($user, $password);
+				if ($user->save())
+					system_message(elgg_echo('user:password:success'));
+				else
+					system_message(elgg_echo('user:password:fail'));
+			}
+			else
+				system_message(elgg_echo('user:password:fail:notsame'));
+		}
+		else
+			system_message(elgg_echo('user:password:fail:tooshort'));
+	}
+	else
+		system_message(elgg_echo('user:password:fail'));
+	
+	forward($_SERVER['HTTP_REFERER']);
+	exit;
+?>
\ No newline at end of file