If one locks a user input field (e.g. add a config value auth_user_firstname_editlock='something' to mdl_config table to lock the field auth_user_firstname), this field gets disabled on the moodle/user/edit.php page by javascript (document.form.auth_user_firstname.disabled=true) This perfectly works but when a (non-admin) user wants to update his userinfo he always gets an error saying that this field cannot be updated, even if it wasn't changed at all.

The problem is that disabled form elements are not submitted by webbrowsers (or at least not by webbrowser which obey the official html4 standard... see http://www.w3.org/TR/html4/interact/forms.html#h-17.12). So the value of a disabled field doesn't get submitted what causes the follwoing code in moodle/user/edit.php to release an error:

if ($user->$field !== $usernew->$field)

The problem could easily be solved if there was a method to set an input field to readonly using javascript (this doesnt seem to be trivial...). The best solution probably would be to set the input fields readonly directly with something like:

<? if (!empty($CFG->auth_user_firstname)) echo readonly ?>

within

<input type=text name=firstname size=30 alt=<?php print_string(firstname) ?> maxlength=20 value=<?php p($user->firstname) ?> />