maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

use same error message for invalid user and disabled password reset to not give away if a user exists

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2022-12-02 13:24:27 +01:00
parent 3fda5be5a3
commit 0562d248b5
3 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
index.php
View File

@@ -579,7 +579,7 @@ if ($action == 'forgotpwd') {
unset($user);
}
} else {
$message = $lng['login']['usernotfound'];
$message = $lng['pwdreminder']['notallowed'];
}
}
}

2
lng/english.lng.php
View File

@@ -761,7 +761,7 @@ $lng['pwdreminder']['success'] = 'Password reset successfully requested. Please
// ADDED IN 1.2.19-svn18
$lng['serversettings']['allow_password_reset']['title'] = 'Allow password reset by customers';
$lng['pwdreminder']['notallowed'] = 'Password reset is disabled';
$lng['pwdreminder']['notallowed'] = 'Unknown user or password reset is disabled';
// ADDED IN 1.2.19-svn21

2
lng/german.lng.php
View File

@@ -754,7 +754,7 @@ $lng['pwdreminder']['success'] = 'Das Zurücksetzen des Passworts wurde erfolgre
// ADDED IN 1.2.19-svn18
$lng['serversettings']['allow_password_reset']['title'] = 'Erlaube das Zurücksetzen des Kundenpassworts.';
$lng['pwdreminder']['notallowed'] = 'Das Zurücksetzen des Passworts ist deaktiviert.';
$lng['pwdreminder']['notallowed'] = 'Unbekannter Benutzer oder Zurücksetzen des Passworts ist deaktiviert.';
// ADDED IN 1.2.19-svn21