home » zplus/freepost.git
Author zPlus <-> 2016-07-14 09:38:25
Committer zPlus <-> 2016-07-14 09:38:25
Commit 677914e (patch)
Tree 1a1e171
Parent(s)

Fix password reset: the new password did not replace the old one


commits diff: e9dff48..677914e
2 files changed, 3 insertions, 6 deletionsdownload


Diffstat
-rw-r--r-- database.php 7
-rw-r--r-- template/login_reset.twig 2

Diff options
View
Side
Whitespace
Context lines
Inter-hunk lines
+2/-5 M   database.php
index 1ac173d..3e99aa4
old size: 39K - new size: 39K
@@ -1210,9 +1210,6 @@ class Database
1210 1210
1211 1211 $this->database->beginTransaction();
1212 1212
1213 - // Get the user
1214 - $user = self::get_post ($user_hash_id);
1215 -
1216 1213 // Generate a new secret token (used for validation)
1217 1214 $token = self::get_random_string (32);
1218 1215
@@ -1232,7 +1229,7 @@ class Database
1232 1229
1233 1230 $query->execute (array ($token, $user_hash_id));
1234 1231
1235 - $affected_rows = $query->rowCount();
1232 + $affected_rows = $query->rowCount ();
1236 1233
1237 1234 $this->database->commit ();
1238 1235
@@ -1257,7 +1254,7 @@ class Database
1257 1254
1258 1255 $query = $this->database->prepare (
1259 1256 'UPDATE `user`' .
1260 - 'SET `password` = SHA2(CONCAT(?, `salt`), 512), `passwordResetToken` = "", `passwordResetTokenExpire` = NULL ' .
1257 + 'SET `password` = SHA2(CONCAT(?, `salt`), 512), `passwordResetToken` = NULL, `passwordResetTokenExpire` = NULL ' .
1261 1258 'WHERE `passwordResetToken` = ? AND `passwordResetTokenExpire` > NOW()');
1262 1259
1263 1260 $query->execute (array ($new_password, $token));

+1/-1 M   template/login_reset.twig
index d5003ee..cc42335
old size: 2K - new size: 2K
@@ -2,7 +2,7 @@
2 2
3 3 <div class="login">
4 4 {% if feedback %}
5 - <div class="feedback">
5 + <div class="alert bg-danger">
6 6 {{ feedback }}
7 7 </div>
8 8 {% endif %}