[Fusionforge-general] [PATCH 4/5] fix the confirm_hash creation

Gonéri Le Bouder goneri at rulezlan.org
Thu Feb 26 15:32:36 CET 2009


session_hash is not declared global and so = null, we use the
$GLOBALS['session_ser'] instead.
---
 gforge/www/account/change_email.php |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/gforge/www/account/change_email.php b/gforge/www/account/change_email.php
index da3f5d7..c402c8f 100644
--- a/gforge/www/account/change_email.php
+++ b/gforge/www/account/change_email.php
@@ -39,7 +39,7 @@ if (getStringFromRequest('submit')) {
 		exit_error(_('Error'),_('Invalid email address.'));
 	}
 
-	$confirm_hash = substr(md5($session_hash . time()),0,16);
+	$confirm_hash = substr(md5($GLOBALS['session_ser'] . time()),0,16);
 
 	$u =& user_get_object(user_getid());
 	if (!$u || !is_object($u)) {
-- 
1.6.1.3






More information about the Fusionforge-general mailing list