diff options
| author | redmatrix <redmatrix@redmatrix.me> | 2015-08-14 22:19:15 -0700 |
|---|---|---|
| committer | redmatrix <redmatrix@redmatrix.me> | 2015-08-14 22:19:15 -0700 |
| commit | 0d84c77c6c09f1e73e1ce1c5516ccf881b1dcdde (patch) | |
| tree | 13c48261201e60a53c8076e38acf408761570a5b /mod/lostpass.php | |
| parent | 98f3242e73700359d1ec2f424bed331e011d5aa9 (diff) | |
| download | volse-hubzilla-0d84c77c6c09f1e73e1ce1c5516ccf881b1dcdde.tar.gz volse-hubzilla-0d84c77c6c09f1e73e1ce1c5516ccf881b1dcdde.tar.bz2 volse-hubzilla-0d84c77c6c09f1e73e1ce1c5516ccf881b1dcdde.zip | |
set email verified if lost password workflow is completed to avoid the situation where they can reset the password but still not be able to login because the original email verification was lost.
Diffstat (limited to 'mod/lostpass.php')
| -rw-r--r-- | mod/lostpass.php | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/mod/lostpass.php b/mod/lostpass.php index 3269128f1..3dbc2fe7d 100644 --- a/mod/lostpass.php +++ b/mod/lostpass.php @@ -72,10 +72,11 @@ function lostpass_content(&$a) { $salt = random_string(32); $password_encoded = hash('whirlpool', $salt . $new_password); - - $r = q("UPDATE account SET account_salt = '%s', account_password = '%s', account_reset = '' where account_id = %d", + + $r = q("UPDATE account SET account_salt = '%s', account_password = '%s', account_reset = '', account_flags = (account_flags & ~%d) where account_id = %d", dbesc($salt), dbesc($password_encoded), + intval(ACCOUNT_UNVERIFIED), intval($aid) ); |