[dev] [commit] r1041 - wwwbase/auth
automailer at dexonline.ro
automailer at dexonline.ro
Sun Dec 1 13:13:40 EET 2013
Author: cata
Date: Sun Dec 1 13:13:40 2013
New Revision: 1041
Log:
Do not disclose valid email addresses on the password recovery page.
Modified:
wwwbase/auth/parola-uitata.php
Modified: wwwbase/auth/parola-uitata.php
==============================================================================
--- wwwbase/auth/parola-uitata.php Sat Nov 30 11:10:29 2013 (r1040)
+++ wwwbase/auth/parola-uitata.php Sun Dec 1 13:13:40 2013 (r1041)
@@ -35,13 +35,9 @@
$ourEmail = Config::get('global.contact');
$headers = array("From: DEX online <$ourEmail>", "Reply-To: $ourEmail", 'Content-Type: text/plain; charset=UTF-8');
$result = mail($email, "Schimbarea parolei pentru DEX online", $body, implode("\r\n", $headers));
-
- // Display a confirmation even for incorrect addresses.
- SmartyWrap::displayCommonPageWithSkin('auth/passwordRecoveryEmailSent.ihtml');
- } else {
- FlashMessage::add('Nu există niciun utilizator cu e-mailul introdus.');
- SmartyWrap::displayCommonPageWithSkin('auth/parola-uitata.ihtml');
}
+ // Display a confirmation even for incorrect addresses.
+ SmartyWrap::displayCommonPageWithSkin('auth/passwordRecoveryEmailSent.ihtml');
}
} else {
SmartyWrap::displayCommonPageWithSkin('auth/parola-uitata.ihtml');
More information about the Dev
mailing list