From 0f2e3657e928d24275550b6dee8f6d1eaf3b0415 Mon Sep 17 00:00:00 2001
From: "Paul S. Owen" <psotfx@users.sourceforge.net>
Date: Sat, 6 Oct 2001 00:51:53 +0000
Subject: [PATCH] Potential security hole fixed, thanks Ashe for pointing it
 out

git-svn-id: file:///svn/phpbb/trunk@1132 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/profile.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/phpBB/profile.php b/phpBB/profile.php
index a1bded75dd..6fce93e298 100644
--- a/phpBB/profile.php
+++ b/phpBB/profile.php
@@ -474,6 +474,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
 				}
 			}
 
+			$passwd_sql = "";
 			if( !empty($password) && !empty($password_confirm) )
 			{
 				// Awww, the user wants to change their password, isn't that cute..
@@ -510,6 +511,7 @@ if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
 				}
 			}
 
+			$username_sql = "";
 			if($board_config['allow_namechange'] || $mode == "register")
 			{
 				if($username != $userdata['username'] || $mode == "register")