From b73d5a641f6d7495c94b0902d785031abe9a6414 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Wed, 18 Apr 2018 22:47:27 -0400 Subject: [PATCH 1/3] [Composer] Add seld/cli-prompt dependency --- composer.json | 1 + composer.lock | 50 +++++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 50 insertions(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 5cb33e67d6..b7cd645bdb 100644 --- a/composer.json +++ b/composer.json @@ -25,6 +25,7 @@ "paragonie/random_compat": "^2.0", "pear/Text_LanguageDetect": "1.*", "pear/Text_Highlighter": "dev-master", + "seld/cli-prompt": "^1.0", "smarty/smarty": "^3.1", "fxp/composer-asset-plugin": "~1.3", "bower-asset/base64": "^1.0", diff --git a/composer.lock b/composer.lock index 34362cb1bb..f294c16ef5 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "96062c2020a40f14b52e5e91c79995a7", + "content-hash": "f97245142e60a521f048a667bec4e436", "packages": [ { "name": "asika/simple-console", 
@@ -1988,6 +1988,54 @@ "description": "PSR-6 adapter for RW File Cache", "time": "2018-01-30T19:13:45+00:00" }, + { + "name": "seld/cli-prompt", + "version": "1.0.3", + "source": { + "type": "git", + "url": "https://github.com/Seldaek/cli-prompt.git", + "reference": "a19a7376a4689d4d94cab66ab4f3c816019ba8dd" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/Seldaek/cli-prompt/zipball/a19a7376a4689d4d94cab66ab4f3c816019ba8dd", + "reference": "a19a7376a4689d4d94cab66ab4f3c816019ba8dd", + "shasum": "" + }, + "require": { + "php": ">=5.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.x-dev" + } + }, + "autoload": { + "psr-4": { + "Seld\\CliPrompt\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Jordi Boggiano", + "email": "j.boggiano@seld.be" + } + ], + "description": "Allows you to prompt for user input on the command line, and optionally hide the characters they type", + "keywords": [ + "cli", + "console", + "hidden", + "input", + "prompt" + ], + "time": "2017-03-18T11:32:45+00:00" + }, { "name": "smarty/smarty", "version": "v3.1.31", From 0496822ca3c929218f6fad23a35709d4ef26dcae Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Wed, 18 Apr 2018 22:49:14 -0400 Subject: [PATCH 2/3] Add Exception when password is empty in User::hashPassword() --- src/Model/User.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/Model/User.php b/src/Model/User.php index 2621897f4e..41d26ee19d 100644 --- a/src/Model/User.php +++ b/src/Model/User.php @@ -258,6 +258,10 @@ class User */ public static function hashPassword($password) { + if (!trim($password)) { + throw new Exception(L10n::t('Password can\'t be empty')); + } + return password_hash($password, PASSWORD_DEFAULT); } From f65a7b3130c207939d3a64d77543d5517e8a2a5a Mon Sep 17 00:00:00 2001 
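Review bot: The new guard `if (!trim($password))` in `hashPassword()` relies on PHP truthiness, so the one-character password `0` is rejected as "empty". The console check added later in this series uses `if (!$password)` without trimming, so the two disagree on whitespace-only input; writing `if (trim($password) === '')` in both places would make the rule explicit and consistent. If `src/Model/User.php` is namespaced, the unqualified `Exception` only resolves to the global class when the file imports it, and the import block is outside this hunk, so confirm `use Exception;` is present or write `\Exception`. The method's docblock, which begins outside the hunk, should gain `@throws Exception` now that callers can receive one.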
From: Hypolite Petovan Date: Wed, 18 Apr 2018 22:56:52 -0400 Subject: [PATCH 3/3] Add hidden password input to Console\NewPassword - Add Exception when password is empty --- src/Core/Console/NewPassword.php | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/src/Core/Console/NewPassword.php b/src/Core/Console/NewPassword.php index d44286d28f..f5698ba716 100644 --- a/src/Core/Console/NewPassword.php +++ b/src/Core/Console/NewPassword.php @@ -27,7 +27,7 @@ class NewPassword extends \Asika\SimpleConsole\Console $help = << [-h|--help|-?] [-v] + bin/console newpassword [] [-h|--help|-?] [-v] Description Creates a new password for a user without using the "forgot password" functionality. @@ -67,13 +67,22 @@ HELP; } $nick = $this->getArgument(0); - $password = $this->getArgument(1); $user = dba::selectFirst('user', ['uid'], ['nickname' => $nick]); if (!DBM::is_result($user)) { throw new \RuntimeException(L10n::t('User not found')); } + $password = $this->getArgument(1); + if (is_null($password)) { + $this->out(L10n::t('Enter new password: '), false); + $password = \Seld\CliPrompt\CliPrompt::hiddenPrompt(true); + } + + if (!$password) { + throw new \RuntimeException(L10n::t('Password can\'t be empty')); + } + if (!Config::get('system', 'disable_password_exposed', false) && User::isPasswordExposed($password)) { throw new \RuntimeException(L10n::t('The new password has been exposed in a public data dump, please choose another.')); }
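Review bot: The interactive branch reads the hidden password once and applies it without confirmation, so a typo the operator cannot see becomes the account's password; a second hidden prompt compared against the first would catch that. `hiddenPrompt(true)` appears to allow a fallback to a visible prompt when the terminal cannot hide input, which would echo the password and deserves a why-comment or a warning line. The password is still accepted as argument 1, where it can land in shell history and the process list, so the help text should recommend omitting it in favour of the prompt. The enclosing method starts and ends outside this hunk.

```php
// … unchanged: nick argument and user lookup …
$password = $this->getArgument(1);
if (is_null($password)) {
	$this->out(L10n::t('Enter new password: '), false);
	$password = \Seld\CliPrompt\CliPrompt::hiddenPrompt(true);

	// Hidden input cannot be proof-read, so ask twice before accepting it.
	$this->out(L10n::t('Confirm new password: '), false);
	if (\Seld\CliPrompt\CliPrompt::hiddenPrompt(true) !== $password) {
		throw new \RuntimeException(L10n::t('Passwords do not match'));
	}
}
// … unchanged: empty-password and exposed-password checks …
```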