From 73a75fc3d387f8d923186c5c04b1ca7bc6cda4ef Mon Sep 17 00:00:00 2001
From: Andreas Fischer <bantu@phpbb.com>
Date: Sat, 8 Sep 2012 15:02:06 +0200
Subject: [PATCH] [ticket/8713] Revert changes to ucp_profile, ucp_register and
 acp_users.

Currently only auth_db is supported there and the password needs to be trimmed
for compatibility because user_password stores

  phpbb_hash(htmlspecialchars(trim($password)))

Setting passwords for other auth modules is currently not supported.

Once setting/changing passwords is supported by auth plugins, the
untrimmed_variable() should be used here and the result should be passed
to the auth plugin.

PHPBB3-8713
---
 phpBB/includes/acp/acp_users.php    | 4 ++--
 phpBB/includes/ucp/ucp_profile.php  | 6 +++---
 phpBB/includes/ucp/ucp_register.php | 4 ++--
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index 2905b84d57..985a12d9ce 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -770,8 +770,8 @@ class acp_users
 						'username'			=> utf8_normalize_nfc(request_var('user', $user_row['username'], true)),
 						'user_founder'		=> request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0),
 						'email'				=> strtolower(request_var('user_email', $user_row['user_email'])),
-						'new_password'		=> $request->untrimmed_variable('new_password', '', true),
-						'password_confirm'	=> $request->untrimmed_variable('password_confirm', '', true),
+						'new_password'		=> $request->variable('new_password', '', true),
+						'password_confirm'	=> $request->variable('password_confirm', '', true),
 					);
 
 					// Validation data - we do not check the password complexity setting here
diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php
index db1e3e4722..89bf20a30f 100644
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@@ -46,9 +46,9 @@ class ucp_profile
 				$data = array(
 					'username'			=> utf8_normalize_nfc(request_var('username', $user->data['username'], true)),
 					'email'				=> strtolower(request_var('email', $user->data['user_email'])),
-					'new_password'		=> $request->untrimmed_variable('new_password', '', true),
-					'cur_password'		=> $request->untrimmed_variable('cur_password', '', true),
-					'password_confirm'	=> $request->untrimmed_variable('password_confirm', '', true),
+					'new_password'		=> $request->variable('new_password', '', true),
+					'cur_password'		=> $request->variable('cur_password', '', true),
+					'password_confirm'	=> $request->variable('password_confirm', '', true),
 				);
 
 				add_form_key('ucp_reg_details');
diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php
index 5ae92a5cea..c57aec00a0 100644
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@@ -170,8 +170,8 @@ class ucp_register
 
 		$data = array(
 			'username'			=> utf8_normalize_nfc(request_var('username', '', true)),
-			'new_password'		=> $request->untrimmed_variable('new_password', '', true),
-			'password_confirm'	=> $request->untrimmed_variable('password_confirm', '', true),
+			'new_password'		=> $request->variable('new_password', '', true),
+			'password_confirm'	=> $request->variable('password_confirm', '', true),
 			'email'				=> strtolower(request_var('email', '')),
 			'lang'				=> basename(request_var('lang', $user->lang_name)),
 			'tz'				=> request_var('tz', $timezone),