diff --git a/src/www/system_usermanager.php b/src/www/system_usermanager.php
index 02ee51e48..f5a88f517 100644
--- a/src/www/system_usermanager.php
+++ b/src/www/system_usermanager.php
@@ -214,13 +214,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
} elseif (isset($pconfig['save'])) {
// save user
/* input validation */
- if (isset($id)) {
- $reqdfields = explode(" ", "usernamefld");
- $reqdfieldsn = array(gettext("Username"));
- } else {
- $reqdfields = explode(" ", "usernamefld passwordfld1");
- $reqdfieldsn = array(gettext("Username"), gettext("Password"));
- }
+ $reqdfields = explode(' ', 'usernamefld');
+ $reqdfieldsn = array(gettext('Username'));
do_input_validation($pconfig, $reqdfields, $reqdfieldsn, $input_errors);
@@ -228,17 +223,20 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
$input_errors[] = gettext("The username contains invalid characters.");
}
- if (strlen($_POST['usernamefld']) > 32) {
+ if (strlen($pconfig['usernamefld']) > 32) {
$input_errors[] = gettext("The username is longer than 32 characters.");
}
- if (!empty($pconfig['passwordfld1'])) {
- if ($pconfig['passwordfld1'] != $pconfig['passwordfld2']) {
- $input_errors[] = gettext('The passwords do not match.');
- }
- if (!empty($pconfig['gen_new_password'])) {
- $input_errors[] = gettext('Cannot set random password due to explicit input.');
- }
+ if ($pconfig['passwordfld1'] != $pconfig['passwordfld2']) {
+ $input_errors[] = gettext('The passwords do not match.');
+ }
+
+ if (!empty($pconfig['passwordfld1']) && !empty($pconfig['gen_new_password'])) {
+ $input_errors[] = gettext('Cannot set random password due to explicit input.');
+ }
+
+ if (empty($pconfig['passwordfld1']) && empty($pconfig['gen_new_password'])) {
+ $input_errors[] = gettext('A password is required.');
}
if (!empty($pconfig['disabled']) && $_SESSION['Username'] === $a_user[$id]['name']) {
@@ -581,7 +579,7 @@ $( document ).ready(function() {
-
+ />