phpBB

Code Changes

File: phpbb/ucp/controller/reset_password.php

  Unmodified   Added   Modified   Removed
Line 242Line 242

$sql_ary = [
'reset_token' => $reset_token,


$sql_ary = [
'reset_token' => $reset_token,

					'reset_token_expiration'	=> strtotime('+1 day'),

					'reset_token_expiration'	=> $this->user::get_token_expiration(),

				];

$sql = 'UPDATE ' . $this->users_table . '

				];

$sql = 'UPDATE ' . $this->users_table . '

Line 265Line 265
				$messenger->anti_abuse_headers($this->config, $this->user);

$messenger->assign_vars([

				$messenger->anti_abuse_headers($this->config, $this->user);

$messenger->assign_vars([

						'USERNAME'			=> htmlspecialchars_decode($user_row['username'], ENT_COMPAT),

						'USERNAME'			=> html_entity_decode($user_row['username'], ENT_COMPAT),

						'U_RESET_PASSWORD'	=> generate_board_url(true) . $this->helper->route('phpbb_ucp_reset_password_controller', [
'u' => $user_row['user_id'],
'token' => $reset_token,

						'U_RESET_PASSWORD'	=> generate_board_url(true) . $this->helper->route('phpbb_ucp_reset_password_controller', [
'u' => $user_row['user_id'],
'token' => $reset_token,

Line 407Line 407
			{
$sql_ary = [
'user_password' => $this->passwords_manager->hash($data['new_password']),

			{
$sql_ary = [
'user_password' => $this->passwords_manager->hash($data['new_password']),

 
					'user_passchg'				=> time(),

					'user_login_attempts'		=> 0,
'reset_token' => '',
'reset_token_expiration' => 0,

					'user_login_attempts'		=> 0,
'reset_token' => '',
'reset_token_expiration' => 0,

Line 415Line 416
							SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . (int) $user_row['user_id'];
$this->db->sql_query($sql);

							SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . (int) $user_row['user_id'];
$this->db->sql_query($sql);

 
				$this->user->reset_login_keys($user_row['user_id']);

				$this->log->add('user', $user_row['user_id'], $this->user->ip, 'LOG_USER_NEW_PASSWORD', false, [
'reportee_id' => $user_row['user_id'],
$user_row['username']

				$this->log->add('user', $user_row['user_id'], $this->user->ip, 'LOG_USER_NEW_PASSWORD', false, [
'reportee_id' => $user_row['user_id'],
$user_row['username']