phpBB

Code Changes

File: phpbb/ucp/controller/reset_password.php

  Unmodified   Added   Modified   Removed
Line 118Line 118
		if (!$this->config['allow_password_reset'])
{
throw new http_exception(Response::HTTP_OK, 'UCP_PASSWORD_RESET_DISABLED', [

		if (!$this->config['allow_password_reset'])
{
throw new http_exception(Response::HTTP_OK, 'UCP_PASSWORD_RESET_DISABLED', [

				'<a href="mailto:' . htmlspecialchars($this->config['board_contact']) . '">',

				'<a href="mailto:' . htmlspecialchars($this->config['board_contact'], ENT_COMPAT) . '">',

				'</a>'
]);
}

				'</a>'
]);
}

Line 242Line 242

$sql_ary = [
'reset_token' => $reset_token,


$sql_ary = [
'reset_token' => $reset_token,

					'reset_token_expiration'	=> strtotime('+1 day'),

					'reset_token_expiration'	=> $this->user::get_token_expiration(),

				];

$sql = 'UPDATE ' . $this->users_table . '

				];

$sql = 'UPDATE ' . $this->users_table . '

Line 265Line 265
				$messenger->anti_abuse_headers($this->config, $this->user);

$messenger->assign_vars([

				$messenger->anti_abuse_headers($this->config, $this->user);

$messenger->assign_vars([

						'USERNAME'			=> htmlspecialchars_decode($user_row['username']),

						'USERNAME'			=> html_entity_decode($user_row['username'], ENT_COMPAT),

						'U_RESET_PASSWORD'	=> generate_board_url(true) . $this->helper->route('phpbb_ucp_reset_password_controller', [
'u' => $user_row['user_id'],
'token' => $reset_token,

						'U_RESET_PASSWORD'	=> generate_board_url(true) . $this->helper->route('phpbb_ucp_reset_password_controller', [
'u' => $user_row['user_id'],
'token' => $reset_token,

Line 407Line 407
			{
$sql_ary = [
'user_password' => $this->passwords_manager->hash($data['new_password']),

			{
$sql_ary = [
'user_password' => $this->passwords_manager->hash($data['new_password']),

 
					'user_passchg'				=> time(),

					'user_login_attempts'		=> 0,
'reset_token' => '',
'reset_token_expiration' => 0,

					'user_login_attempts'		=> 0,
'reset_token' => '',
'reset_token_expiration' => 0,

Line 415Line 416
							SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . (int) $user_row['user_id'];
$this->db->sql_query($sql);

							SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . (int) $user_row['user_id'];
$this->db->sql_query($sql);

 
				$this->user->reset_login_keys($user_row['user_id']);

				$this->log->add('user', $user_row['user_id'], $this->user->ip, 'LOG_USER_NEW_PASSWORD', false, [
'reportee_id' => $user_row['user_id'],
$user_row['username']

				$this->log->add('user', $user_row['user_id'], $this->user->ip, 'LOG_USER_NEW_PASSWORD', false, [
'reportee_id' => $user_row['user_id'],
$user_row['username']

Line 422Line 424
				meta_refresh(3, append_sid("{$this->root_path}index.{$this->php_ext}"));
return $this->helper->message($this->language->lang('PASSWORD_RESET'));
}

				meta_refresh(3, append_sid("{$this->root_path}index.{$this->php_ext}"));
return $this->helper->message($this->language->lang('PASSWORD_RESET'));
}

		}

if (!empty($errors))
{
$this->template->assign_block_vars_array('PASSWORD_RESET_ERRORS', array_map([$this->language, 'lang'], $errors));

 
		}

$this->template->assign_vars([

		}

$this->template->assign_vars([

 
			'PASSWORD_RESET_ERRORS'		=> !empty($errors) ? array_map([$this->language, 'lang'], $errors) : '',

			'S_IS_PASSWORD_RESET'		=> true,
'U_RESET_PASSWORD_ACTION' => $this->helper->route('phpbb_ucp_reset_password_controller'),

			'S_IS_PASSWORD_RESET'		=> true,
'U_RESET_PASSWORD_ACTION' => $this->helper->route('phpbb_ucp_reset_password_controller'),

 
			'L_CHANGE_PASSWORD_EXPLAIN'	=> $this->language->lang($this->config['pass_complex'] . '_EXPLAIN', $this->language->lang('CHARACTERS', (int) $this->config['min_pass_chars'])),

			'S_HIDDEN_FIELDS'			=> build_hidden_fields([
'u' => $user_id,
'token' => $reset_token,

			'S_HIDDEN_FIELDS'			=> build_hidden_fields([
'u' => $user_id,
'token' => $reset_token,