From 82f9b6908cc12b7f46fac2f7e0471febdb789187 Mon Sep 17 00:00:00 2001
From: Mikael Nordfeldth
Date: Sat, 30 May 2015 23:29:16 +0200
Subject: [PATCH] Fake recovery by email address, to hide registrants on the site
---
 actions/recoverpassword.php | 14 ++++++++++----
 classes/User.php | 10 +++++++---
 lib/default.php | 1 +
 3 files changed, 18 insertions(+), 7 deletions(-)
diff --git a/actions/recoverpassword.php b/actions/recoverpassword.php
index 4839a036c0..060ba83510 100644
--- a/actions/recoverpassword.php
+++ b/actions/recoverpassword.php
@@ -272,10 +272,16 @@ class RecoverpasswordAction extends Action
 try {
 User::recoverPassword($nore);
 $this->mode = 'sent';
- // TRANS: User notification after an e-mail with instructions was sent from the password recovery form.
- $this->msg = _('Instructions for recovering your password ' .
- 'have been sent to the email address registered to your ' .
- 'account.');
+ if (common_is_email($nore) && common_config('site', 'fakeaddressrecovery')) {
+ // TRANS: User notification when recovering password by giving email address,
+ // regardless if the mail was sent or not (to hide registered email status).
+ $this->msg = _('If the email address you provided was found in the database, a recovery mail with instructions has been sent there.');
+ } else {
+ // TRANS: User notification after an e-mail with instructions was sent from the password recovery form.
+ $this->msg = _('Instructions for recovering your password ' .
+ 'have been sent to the email address registered to your ' .
+ 'account.');
+ }
 $this->success = true;
 } catch (Exception $e) {
 $this->success = false;
diff --git a/classes/User.php b/classes/User.php
index 6a12bb6642..3efaa5e721 100644
--- a/classes/User.php
+++ b/classes/User.php
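Review bot: The neutral message is set only on the success path, so with `fakeaddressrecovery` enabled any exception that `User::recoverPassword($nore)` still throws for an email input lands in the `catch` branch and is presumably shown to the user. If that method can fail for a registered address (a mail transport error, for instance; its remaining body and the rest of this `catch` block are outside the diff), the response again differs between known and unknown addresses. For email input with the option on, the `catch` branch could log the exception with `common_log(LOG_ERR, $e->getMessage());` and set the same neutral `$this->msg`, keeping the detailed error text for nickname recovery only.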
@@ -873,16 +873,20 @@ class User extends Managed_DataObject
 }
 // No luck finding anyone by that email address.
- // TODO: Fake sending email (since we don't want to reveal which addresses exist or not)
 if (!$user instanceof User) {
- // TRANS: Information on password recovery form if no known username or e-mail address was specified.
+ if (common_config('site', 'fakeaddressrecovery')) {
+ // Return without actually doing anything! We fake address recovery
+ // to avoid revealing which email addresses are registered with the site.
+ return;
+ }
+ // TRANS: Information on password recovery form if no known e-mail address was specified.
 throw new ClientException(_('No user with that email address exists here.'));
 }
 } else {
 // This might throw a NicknameException on bad nicknames
 $user = User::getKV('nickname', common_canonical_nickname($nore));
 if (!$user instanceof User) {
- // TRANS: Information on password recovery form if no known username or e-mail address was specified.
+ // TRANS: Information on password recovery form if no known username was specified.
 throw new ClientException(_('No user with that nickname exists here.'));
 }
 }
diff --git a/lib/default.php b/lib/default.php
index 6369fbddc6..0ec9fc4e14 100644
--- a/lib/default.php
+++ b/lib/default.php
@@ -48,6 +48,7 @@ $default =
 'languages' => get_all_languages(),
 'email' =>
 array_key_exists('SERVER_ADMIN', $_SERVER) ? $_SERVER['SERVER_ADMIN'] : null,
+ 'fakeaddressrecovery' => true,
 'broughtby' => null,
 'timezone' => 'UTC',
 'broughtbyurl' => null,
--
2.39.2
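Review bot: The early `return;` for an unknown address skips whatever the method does next for a real account (presumably creating the recovery code and sending the mail, which is outside this hunk), so the two cases can still differ in response time even though the message is now identical. A comment on the branch should record that limit, for example `// NOTE: only the response text is equalised; timing still differs, so rely on request throttling as well`, and the recovery form should be rate-limited per client if it is not already. The method's docblock, also outside the hunk, should state that the method returns silently for unknown addresses when `fakeaddressrecovery` is set, because a normal return no longer means that a mail was sent.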