mirror of https://github.com/BOINC/boinc.git
Fixed a typo in recover_email.php as well as not require the user to be logged in when trying to reset email address.
This commit is contained in:
Keith Uplinger
parent
69f78a69cd
commit
3011ccf8db
|
|
@ -25,7 +25,7 @@ check_get_args(array("id", "token"));
|
||||||
|
|
||||||
redirect_to_secure_url("recover_email.php");
|
redirect_to_secure_url("recover_email.php");
|
||||||
|
|
||||||
$user = get_logged_in_user();
|
$user = get_logged_in_user(false);
|
||||||
//Log out to clear all auth tokens
|
//Log out to clear all auth tokens
|
||||||
if ($user) {
|
if ($user) {
|
||||||
clear_cookie('auth');
|
clear_cookie('auth');
|
||||||
|
|
@ -48,7 +48,7 @@ if(is_valid_token($userid, $token, TOKEN_TYPE_CHANGE_EMAIL)) {
|
||||||
} else {
|
} else {
|
||||||
echo tra("Email address has been reverted.")."<br /><br />".tra("You need to reset your password: ")."<a href\=".secure_url_base()."get_passwd.php\">".secure_url_base()."get_passwd.php</a>";
|
echo tra("Email address has been reverted.")."<br /><br />".tra("You need to reset your password: ")."<a href\=".secure_url_base()."get_passwd.php\">".secure_url_base()."get_passwd.php</a>";
|
||||||
|
|
||||||
$database_passwd_hash = password_hash(rondam_string() , PASSWORD_DEFAULT);
|
$database_passwd_hash = password_hash(random_string() , PASSWORD_DEFAULT);
|
||||||
//Change previous_email
|
//Change previous_email
|
||||||
$result = $tmpuser->update(
|
$result = $tmpuser->update(
|
||||||
"email_addr=previous_email_addr, previous_email_addr=null, email_addr_change_time=0, passwd_hash='$database_passwd_hash', email_validated=0"
|
"email_addr=previous_email_addr, previous_email_addr=null, email_addr_change_time=0, passwd_hash='$database_passwd_hash', email_validated=0"
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue