aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2018-01-27 15:20:43 -0800
committerzotlabs <mike@macgirvin.com>2018-01-27 15:20:43 -0800
commit21f464a5577e84b808fd56efdc49117a64c8dc30 (patch)
tree9afd911a7bcb3aa161b385120035d77a5a94681e /Zotlabs
parent69099a2732b749b4e370e16523152068e15cbd6f (diff)
downloadvolse-hubzilla-21f464a5577e84b808fd56efdc49117a64c8dc30.tar.gz
volse-hubzilla-21f464a5577e84b808fd56efdc49117a64c8dc30.tar.bz2
volse-hubzilla-21f464a5577e84b808fd56efdc49117a64c8dc30.zip
Guranteed somebody will paste the verification link and not the token, especially before all the translations are completed. But even then...
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Module/Email_validation.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/Zotlabs/Module/Email_validation.php b/Zotlabs/Module/Email_validation.php
index 4cc016847..162501140 100644
--- a/Zotlabs/Module/Email_validation.php
+++ b/Zotlabs/Module/Email_validation.php
@@ -8,7 +8,7 @@ class Email_validation extends \Zotlabs\Web\Controller {
function post() {
if($_POST['token']) {
- if(! account_approve(trim($_POST['token']))) {
+ if(! account_approve(trim(basename($_POST['token'])))) {
notice('Token verification failed.');
}
}