diff options
| author | Lukas Fleischer <archlinux@cryptocrack.de> | 2014-01-08 16:03:58 +0100 |
|---|---|---|
| committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2014-01-11 12:08:24 +0100 |
| commit | cc490ce8d6ec2b727aa18b5bacbbd60d0d739c27 (patch) | |
| tree | 5bbd3f85863c5d7464c43ec613c9ee8a19d9f4f8 | |
| parent | 48b74071f0eb787ced7dd6dd6a9063c1461debc6 (diff) | |
| download | aur-cc490ce8d6ec2b727aa18b5bacbbd60d0d739c27.tar.gz aur-cc490ce8d6ec2b727aa18b5bacbbd60d0d739c27.tar.xz | |
passreset.php: Error out if e-mail is empty
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
| -rw-r--r-- | web/html/passreset.php | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/web/html/passreset.php b/web/html/passreset.php index 59fd4bc4..e926161d 100644 --- a/web/html/passreset.php +++ b/web/html/passreset.php @@ -37,14 +37,19 @@ if (isset($_GET['resetkey'], $_POST['email'], $_POST['password'], $_POST['confir } } elseif (isset($_POST['email'])) { $email = $_POST['email']; - $body = __('A password reset request was submitted for the account '. - 'associated with your e-mail address. If you wish to reset '. - 'your password follow the link below, otherwise ignore '. - 'this message and nothing will happen.'). - send_resetkey($email, $body); - header('Location: ' . get_uri('/passreset/') . '?step=confirm'); - exit(); + if (empty($email)) { + $error = __('Missing a required field.'); + } else { + $body = __('A password reset request was submitted for the account '. + 'associated with your e-mail address. If you wish to reset '. + 'your password follow the link below, otherwise ignore '. + 'this message and nothing will happen.'). + send_resetkey($email, $body); + + header('Location: ' . get_uri('/passreset/') . '?step=confirm'); + exit(); + } } $step = isset($_GET['step']) ? $_GET['step'] : NULL; |