X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Frecoverpassword.php;h=71f673bd3bd659cb0826efbe0fca0f0924ade9ea;hb=e3789488c60c245017b5a685245b2e9b25cc7557;hp=c41edaeea409455beba5cd8adde5e1fc841c351d;hpb=c0bb1a57984266024e8e5a968c0f3a3b54befff6;p=quix0rs-gnu-social.git diff --git a/actions/recoverpassword.php b/actions/recoverpassword.php index c41edaeea4..71f673bd3b 100644 --- a/actions/recoverpassword.php +++ b/actions/recoverpassword.php @@ -19,7 +19,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } -# You have 24 hours to claim your password +// You have 24 hours to claim your password define('MAX_RECOVERY_TIME', 24 * 60 * 60); @@ -81,7 +81,7 @@ class RecoverpasswordAction extends Action $touched = strtotime($confirm->modified); $email = $confirm->address; - # Burn this code + // Burn this code $result = $confirm->delete(); @@ -92,8 +92,8 @@ class RecoverpasswordAction extends Action return; } - # These should be reaped, but for now we just check mod time - # Note: it's still deleted; let's avoid a second attempt! + // These should be reaped, but for now we just check mod time + // Note: it's still deleted; let's avoid a second attempt! if ((time() - $touched) > MAX_RECOVERY_TIME) { common_log(LOG_WARNING, @@ -105,8 +105,8 @@ class RecoverpasswordAction extends Action return; } - # If we used an outstanding confirmation to send the email, - # it's been confirmed at this point. + // If we used an outstanding confirmation to send the email, + // it's been confirmed at this point. if (!$user->email) { $orig = clone($user); @@ -120,7 +120,7 @@ class RecoverpasswordAction extends Action } } - # Success! + // Success! $this->setTempUser($user); $this->showPasswordForm(); @@ -162,8 +162,8 @@ class RecoverpasswordAction extends Action ' the email address you have stored' . ' in your account.')); } else if ($this->mode == 'reset') { - // TRANS: Page notice for password change page. $this->element('p', null, + // TRANS: Page notice for password change page. _('You have been identified. Enter a' . ' new password below.')); } @@ -226,7 +226,7 @@ class RecoverpasswordAction extends Action // TRANS: Title for password recovery page in email sent mode. case 'sent': return _('Password recovery requested'); // TRANS: Title for password recovery page in password saved mode. - case 'saved': return _('Password saved.'); + case 'saved': return _('Password saved'); default: // TRANS: Title for password recovery page when an unknown action has been specified. return _('Unknown action'); @@ -282,10 +282,14 @@ class RecoverpasswordAction extends Action $user = User::staticGet('email', common_canonical_email($nore)); if (!$user) { - $user = User::staticGet('nickname', common_canonical_nickname($nore)); + try { + $user = User::staticGet('nickname', common_canonical_nickname($nore)); + } catch (NicknameException $e) { + // invalid + } } - # See if it's an unconfirmed email address + // See if it's an unconfirmed email address if (!$user) { // Warning: it may actually be legit to have multiple folks @@ -310,7 +314,7 @@ class RecoverpasswordAction extends Action return; } - # Try to get an unconfirmed email address if they used a user name + // Try to get an unconfirmed email address if they used a user name if (!$user->email && !$confirm_email) { $confirm_email = new Confirm_address(); @@ -328,7 +332,7 @@ class RecoverpasswordAction extends Action return; } - # Success! We have a valid user and a confirmed or unconfirmed email address + // Success! We have a valid user and a confirmed or unconfirmed email address $confirm = new Confirm_address(); $confirm->code = common_confirmation_code(128); @@ -376,7 +380,7 @@ class RecoverpasswordAction extends Action function resetPassword() { - # CSRF protection + // CSRF protection $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { // TRANS: Form validation error message. @@ -406,7 +410,7 @@ class RecoverpasswordAction extends Action return; } - # OK, we're ready to go + // OK, we're ready to go $original = clone($user);