From 9abc0f43bd0246e2cf3aa865c8b1cf071f89e6b0 Mon Sep 17 00:00:00 2001
From: shibanglin <shibanglin@maxsso.net>
Date: Tue, 7 Mar 2023 11:34:55 +0800
Subject: [PATCH] =?UTF-8?q?=E5=8E=9F=E5=AF=86=E7=A0=81=E9=94=99=E8=AF=AF?=
 =?UTF-8?q?=E9=83=BD=E8=83=BD=E4=BF=AE=E6=94=B9=E5=AF=86=E7=A0=81=E7=9A=84?=
 =?UTF-8?q?=E9=97=AE=E9=A2=98=E4=BF=AE=E5=A4=8D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../java/org/maxkey/persistence/service/UserInfoService.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java
index 8618a7fa8..83450b744 100644
--- a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java
+++ b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java
@@ -267,7 +267,7 @@ public class UserInfoService extends JpaBaseService<UserInfo> {
 		    WebContext.setAttribute(PasswordPolicyValidator.PASSWORD_POLICY_VALIDATE_RESULT, "");
 		    UserInfo userInfo = this.findByUsername(changePassword.getUsername());
 	        if(changePassword.getPassword().equals(changePassword.getConfirmPassword())){
-	            if(StringUtils.isNotBlank(changePassword.getOldPassword()) || 
+	            if(StringUtils.isNotBlank(changePassword.getOldPassword()) &&
 	                    passwordEncoder.matches(changePassword.getOldPassword(), userInfo.getPassword())){
 	                if(changePassword(changePassword,true) ){
 	                    return true;