ENH: refs #952. Added fix for pendingusers created pre-upgrade.

Author: Michael Grauer

core/controllers/UserController.php

@@ -680,6 +680,10 @@ public function settingsAction()
           throw new Zend_Exception('Changing password is disallowed for this user');
           }
         $oldPass = $this->_getParam('oldPassword');
+        if($userDao->getSalt() == '')
+          {
+          $passwordHash = $this->User->convertLegacyPasswordHash($userDao, $oldPass);
+          }
         $newPass = $this->_getParam('newPassword');
         $instanceSalt = Zend_Registry::get('configGlobal')->password->prefix;
         $hashedPasswordOld = hash($userDao->getHashAlg(), $instanceSalt.$userDao->getSalt().$oldPass);

core/database/upgrade/3.2.12.php

@@ -65,6 +65,16 @@ private function _movePasswords()
       }
     // Set the salt and hash alg to the appropriate value to denote a legacy user
     $this->db->update('user', array('hash_alg' => 'md5', 'salt' => ''));
+    // Now the same for pending users
+    $sql = $this->db->select()
+            ->from(array('pendinguser'), array('password'))
+            ->distinct();
+    $rows = $this->db->fetchAll($sql);
+    foreach($rows as $row)
+      {
+      $this->db->insert('password', array('hash' => $row['password']));
+      }
+
     }
 }
 ?>