closes #1724

11 years ago · dceeed22f7
parent 458e294293
commit dceeed22f7
2 changed files with 5 additions and 2 deletions
--- a/src/routes/authentication.js
+++ b/src/routes/authentication.js
@ -97,6 +97,9 @@
 				return res.redirect(nconf.get('relative_path') + '/register' + (err.message ? '?error=' + err.message : ''));
 			}

+			delete userData['password-confirm'];
+			delete userData['_csrf'];
+
 			user.create(userData, function(err, uid) {
 				if (err || !uid) {
 					return res.redirect(nconf.get('relative_path') + '/register');
--- a/src/user/create.js
+++ b/src/user/create.js
@ -39,8 +39,8 @@ module.exports = function(User) {
 				next((!utils.isUserNameValid(userData.username) || !userData.userslug) ? new Error('[[error:invalid-username]]') : null);
 			},
 			function(next) {
-				if (userData.password) {
-					next(!utils.isPasswordValid(userData.password) ? new Error('[[error:invalid-password]]') : null);
+				if (password) {
+					next(!utils.isPasswordValid(password) ? new Error('[[error:invalid-password]]') : null);
 				} else {
 					next();
 				}