Indefero

Indefero Commit Details


Date:2010-02-09 07:47:13 (15 years 2 months ago)
Author:Loic d'Anterroches
Branch:develop, feature-issue_links, feature.better-home, feature.content-md5, feature.diff-whitespace, feature.download-md5, feature.issue-links, feature.issue-of-others, feature.issue-summary, feature.search-filter, feature.webrepos, feature.wiki-default-page, master, release-1.1, release-1.2, release-1.3
Commit:73f6430a6022966f9f1f7b5f45b501edd08a358d
Parents: 2b107c1610f758c47e8ac3348c79d2f24f5eb8e8
Message:Fixed to prevent a password reset to login an inactive user.
Changes:

File differences

src/IDF/Form/Password.php
4242
4343
4444
45
45
46
47
4648
4749
4850
    public function clean_account()
    {
        $account = mb_strtolower(trim($this->cleaned_data['account']));
        $sql = new Pluf_SQL('email=%s OR login=%s',
        $db =& Pluf::db();
        $true = Pluf_DB_BooleanToDb(true, $db);
        $sql = new Pluf_SQL('(email=%s OR login=%s) AND active='.$true,
                            array($account, $account));
        $users = Pluf::factory('Pluf_User')->getList(array('filter'=>$sql->gen()));
        if ($users->count() == 0) {
src/IDF/Form/PasswordReset.php
7373
7474
7575
76
77
78
7679
7780
7881
        if ($this->cleaned_data['password'] != $this->cleaned_data['password2']) {
            throw new Pluf_Form_Invalid(__('The two passwords must be the same.'));
        }
        if (!$this->user->active) {
            throw new Pluf_Form_Invalid(__('This account is not active. Please contact the forge administrator to activate it.'));
        }
        return $this->cleaned_data;
    }

Archive Download the corresponding diff file

Page rendered in 0.29395s using 13 queries.