From e1d135238a85e2cf8c157c67c4d8ea1d2678adb6 Mon Sep 17 00:00:00 2001
From: Philipp Holzer <admin+github@philipp.info>
Date: Tue, 9 Jul 2019 22:38:54 +0200
Subject: [PATCH] Revert default password setting & using "HiddenString" even
 for empty strings

---
 config/defaults.config.php                      | 2 +-
 src/Core/Config/Cache/ConfigCache.php           | 2 +-
 tests/src/Core/Config/Cache/ConfigCacheTest.php | 4 +++-
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/config/defaults.config.php b/config/defaults.config.php
index fac08e9843..b4471af25c 100644
--- a/config/defaults.config.php
+++ b/config/defaults.config.php
@@ -22,7 +22,7 @@ return [
 
 		// pass (String)
 		// Database user password. Please don't use empty passwords.
-		'password' => new \ParagonIE\HiddenString\HiddenString(''),
+		'password' => '',
 
 		// base (String)
 		// Database name.
diff --git a/src/Core/Config/Cache/ConfigCache.php b/src/Core/Config/Cache/ConfigCache.php
index 441cdee811..6679b55ab9 100644
--- a/src/Core/Config/Cache/ConfigCache.php
+++ b/src/Core/Config/Cache/ConfigCache.php
@@ -95,7 +95,7 @@ class ConfigCache implements IConfigCache, IPConfigCache
 
 		if ($this->hidePasswordOutput &&
 		    $key == 'password' &&
-		    !empty($value) && is_string($value)) {
+		    is_string($value)) {
 			$this->config[$cat][$key] = new HiddenString((string) $value);
 		} else {
 			$this->config[$cat][$key] = $value;
diff --git a/tests/src/Core/Config/Cache/ConfigCacheTest.php b/tests/src/Core/Config/Cache/ConfigCacheTest.php
index f8f81f9ee7..9c93c44f26 100644
--- a/tests/src/Core/Config/Cache/ConfigCacheTest.php
+++ b/tests/src/Core/Config/Cache/ConfigCacheTest.php
@@ -4,6 +4,7 @@ namespace Friendica\Test\src\Core\Config\Cache;
 
 use Friendica\Core\Config\Cache\ConfigCache;
 use Friendica\Test\MockedTest;
+use ParagonIE\HiddenString\HiddenString;
 
 class ConfigCacheTest extends MockedTest
 {
@@ -322,7 +323,8 @@ class ConfigCacheTest extends MockedTest
 			]
 		]);
 
-		$this->assertEmpty($configCache->get('database', 'password'));
+		$this->assertNotEmpty($configCache->get('database', 'password'));
+		$this->assertInstanceOf(HiddenString::class, $configCache->get('database', 'password'));
 		$this->assertEmpty($configCache->get('database', 'username'));
 	}