# HG changeset patch
# User Dan
# Date 1261042195 18000
# Node ID d5474f54a525725d98754551458235201b2879c0
# Parent  277a9cdead3ed594b843e25021b9d1536744e5d5
Fixed undefined $score_min in password change. Potential security concern?

diff -r 277a9cdead3e -r d5474f54a525 plugins/SpecialUserPrefs.php
--- a/plugins/SpecialUserPrefs.php	Thu Dec 17 04:27:50 2009 -0500
+++ b/plugins/SpecialUserPrefs.php	Thu Dec 17 04:29:55 2009 -0500
@@ -250,6 +250,7 @@
             if ( getConfig('pw_strength_enable') == '1' )
             {
               $score_inp = password_score($newpass);
+              $score_min = getConfig('pw_strength_minimum', -10);
               if ( $score_inp < $score_min )
                 $errors .= '<div class="error-box" style="margin: 0 0 10px 0;">' . $lang->get('usercp_emailpassword_err_password_too_weak', array('score' => $score_inp)) . '</div>';
             }