diff options
| author | Carson Fleming <cflems@cflems.net> | 2017-03-07 17:23:52 -0500 |
|---|---|---|
| committer | Carson Fleming <cflems@cflems.net> | 2017-03-07 17:23:52 -0500 |
| commit | 4132092529e478435c2c358203b291cd7b4c579c (patch) | |
| tree | f49484c75de51dd69fce3f4ec6b437b11a2c9af0 /dash/profile.php | |
| parent | b76e2ff898b23745d4c9aaee49eeb7d88f2896ab (diff) | |
| download | bulletin-4132092529e478435c2c358203b291cd7b4c579c.tar.gz | |
Fixed email changing mechanics
Diffstat (limited to 'dash/profile.php')
| -rw-r--r-- | dash/profile.php | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/dash/profile.php b/dash/profile.php index de9d562..e0db54d 100644 --- a/dash/profile.php +++ b/dash/profile.php @@ -68,9 +68,10 @@ $phonelink = '+'.preg_replace('/[^0-9]/', '', $user['phone']); $deactivate = ''; $usepropic = ''; if ($_POST['email'] != $b_user['email']) { - $deactivate = ', active = 0'; + $session = uniqid('ch', true); + $deactivate = ', session = \''.bulletin_hash($session).'\', active = 0'; bulletin_mail($_POST['email'], 'Verify Your Bulletin Email', tpl(array( - 'activation_vars' => 'uid='.$b_user['id'].'&key='.$b_user['session'], + 'activation_vars' => 'uid='.$b_user['id'].'&key='.$session, ), 'changed.tpl')) or dash_fatal('We couldn\'t send mail to your new email address, so your profile has not been updated.'); } if (!empty($_FILES['picture']['tmp_name'])) { |