eSilverStrike
commented
2 years ago @mystralkk On the admin user editor the save users function and password checking was a bit of a mess.
Partially my fault as I had touched the code before when I added the strong passwords feature.
Still it seemed to have some bugs before my changes looking at past versions of the code.
I am not sure why SEC_encryptUserPassword is being used in the code for example when checking the passwords as it will always fail for new users and only pass if the password in the field matches the old one. I left the code in but added a check for existing user. It still doesn't make much sense to me why it is here, not sure if you want to double check it but I tested new and existing user saving and everything seems to work fine now.
If the password is blank (so no changes) it looks like the password is still checked for some reason.
Remember this needs to work for new users as well.