stian/gallery3
1
0
Fork 0
mirror of https://github.com/Pathduck/gallery3.git synced 2026-02-05 07:55:25 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

When we are changing the password using the change password from as part of the password reset, the input value is in the post[hash] variable as opposed to the get(key) value. This should fix ticket #850.

Browse Source
This commit is contained in:
Tim Almdal
2009-10-26 11:37:03 -07:00
parent 599cfab3b3
commit 2dcd8f8a25
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/user/controllers/password.php
View File

@@ -116,7 +116,7 @@ class Password_Controller extends Controller {
private function _change_password() {
$view = $this->_new_password_form();
if ($view->content->validate()) {
$user = user::lookup_user_by_field("hash", Input::instance()->get("key"));
$user = user::lookup_by_hash(Input::instance()->post("hash"));
if (empty($user)) {
throw new Exception("@todo FORBIDDEN", 503);
}