[Fusionforge-general] [PATCH 4/5] fix the confirm_hash creation
Gonéri Le Bouder
goneri at rulezlan.org
Thu Feb 26 15:32:36 CET 2009
session_hash is not declared global and so = null, we use the
$GLOBALS['session_ser'] instead.
---
gforge/www/account/change_email.php | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/gforge/www/account/change_email.php b/gforge/www/account/change_email.php
index da3f5d7..c402c8f 100644
--- a/gforge/www/account/change_email.php
+++ b/gforge/www/account/change_email.php
@@ -39,7 +39,7 @@ if (getStringFromRequest('submit')) {
exit_error(_('Error'),_('Invalid email address.'));
}
- $confirm_hash = substr(md5($session_hash . time()),0,16);
+ $confirm_hash = substr(md5($GLOBALS['session_ser'] . time()),0,16);
$u =& user_get_object(user_getid());
if (!$u || !is_object($u)) {
--
1.6.1.3
More information about the Fusionforge-general
mailing list