I think that the error is caused by wrong behavior of serendipity rather than Firefox. What happens exactly: The old password is entered unchanged, the check-password-value is empty, so s9y shouldn't change the password - and it shouldn't display the error-message. This is almost the same exception as when no password is entered at all.
The current boolean-expression is:
Code: Select all
!empty($_POST['password']) && $_POST['check_password'] != $_SESSION['serendipityPassword'] && serendipity_passwordhash($_POST['check_password']) != $_SESSION['serendipityPassword']) {
Code: Select all
!empty($_POST['password']) => ( !empty($_POST['password'] && $_POST['password'] != $_SESSION['serendipityPassword'] && serendipity_passwordhash($_POST['password']) != $_SESSION['serendipityPassword'] )
sincerely