From ddd89043c9034a948579abb915953b2b2b7bb11b Mon Sep 17 00:00:00 2001
From: Lucas Nicodemus <shank@shanked.me>
Date: Thu, 30 Apr 2015 15:52:08 -0600
Subject: [PATCH] Fix blank password legacy behavior in TShock.

Fixes #907
---
 TShockAPI/DB/UserManager.cs | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/TShockAPI/DB/UserManager.cs b/TShockAPI/DB/UserManager.cs
index 4cc5cf29..1450e4c8 100755
--- a/TShockAPI/DB/UserManager.cs
+++ b/TShockAPI/DB/UserManager.cs
@@ -444,6 +444,10 @@ namespace TShockAPI.DB
 			{
 				if (HashPassword(password).ToUpper() == this.Password.ToUpper())
 				{
+					// Return true to keep blank passwords working but don't convert them to bcrypt.
+					if (this.Password == "non-existant password") {
+						return true;
+					}
 					// The password is not stored using BCrypt; upgrade it to BCrypt immediately
 					UpgradePasswordToBCrypt(password);
 					return true;
@@ -592,7 +596,7 @@ namespace TShockAPI.DB
 		protected string HashPassword(string password)
 		{
 			if (string.IsNullOrEmpty(password) || password == "non-existant password")
-				return null;
+				return "non-existant password";
 			return HashPassword(Encoding.UTF8.GetBytes(password));
 		}