From c1eed1d4066611440c5cf3ac686595ce00156f32 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Sat, 29 Dec 2018 15:11:32 +0100
Subject: [PATCH] [Web] Hide self-edit passwords of domain admins, fixes #2135

---
 data/web/inc/functions.domain_admin.inc.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/data/web/inc/functions.domain_admin.inc.php b/data/web/inc/functions.domain_admin.inc.php
index bf9900e8..064ba6c8 100644
--- a/data/web/inc/functions.domain_admin.inc.php
+++ b/data/web/inc/functions.domain_admin.inc.php
@@ -5,6 +5,9 @@ function domain_admin($_action, $_data = null) {
   $_data_log = $_data;
   !isset($_data_log['password']) ?: $_data_log['password'] = '*';
   !isset($_data_log['password2']) ?: $_data_log['password2'] = '*';
+  !isset($_data_log['user_old_pass']) ?: $_data_log['user_old_pass'] = '*';
+  !isset($_data_log['user_new_pass']) ?: $_data_log['user_new_pass'] = '*';
+  !isset($_data_log['user_new_pass2']) ?: $_data_log['user_new_pass2'] = '*';
   switch ($_action) {
     case 'add':
       $username		= strtolower(trim($_data['username']));