Prevent users setting/hashing an empty password

2026-02-28 02:44:53 +00:00 · 2024-01-19 23:45:02 +00:00
parent ee68bf10b8
commit 1fcf559e13
2 changed files with 7 additions and 2 deletions
--- a/user_security.php
+++ b/user_security.php
@@ -12,12 +12,12 @@ require_once "inc_all_user.php";
            <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">

            <div class="form-group">
-                <label>Your New Password</label>
+                <label>Your New Password <strong class="text-danger">*</strong></label>
                <div class="input-group">
                    <div class="input-group-prepend">
                        <span class="input-group-text"><i class="fa fa-fw fa-lock"></i></span>
                    </div>
-                    <input type="password" class="form-control" data-toggle="password" name="new_password" placeholder="Leave blank for no change" autocomplete="new-password" minlength="8">
+                    <input type="password" class="form-control" data-toggle="password" name="new_password" placeholder="Leave blank for no change" autocomplete="new-password" minlength="8" required>
                    <div class="input-group-append">
                        <span class="input-group-text"><i class="fa fa-fw fa-eye"></i></span>
                    </div>