diff options
author | mam <m.maengel@project-biz.de> | 2014-02-18 23:26:46 +0100 |
---|---|---|
committer | mam <m.maengel@project-biz.de> | 2014-02-18 23:26:46 +0100 |
commit | 351c76a5a61a9d0ac9564580cfb66b5090505443 (patch) | |
tree | 01f47dba738e2db73a3d131bdd2753727052af43 /pages | |
parent | 2636d78df8972e2fae91c0785c0a87262adc62bb (diff) | |
download | cacert-devel-351c76a5a61a9d0ac9564580cfb66b5090505443.tar.gz cacert-devel-351c76a5a61a9d0ac9564580cfb66b5090505443.tar.xz cacert-devel-351c76a5a61a9d0ac9564580cfb66b5090505443.zip |
bug 1138: added ticket validation for password reset
Diffstat (limited to 'pages')
-rw-r--r-- | pages/account/44.php | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/pages/account/44.php b/pages/account/44.php index 9e4e194..51e853a 100644 --- a/pages/account/44.php +++ b/pages/account/44.php @@ -18,7 +18,10 @@ <? if(array_key_exists('error',$_SESSION['_config']) && $_SESSION['_config']['error'] != "") { ?><div color="orange">ERROR: <?=$_SESSION['_config']['error']?></div><? unset($_SESSION['_config']['error']); } $ticketno = ""; if(array_key_exists('ticketno', $_SESSION)) $ticketno = $_SESSION['ticketno']; - +if (!valid_ticket_number($ticketno)) { + echo printf(_("I'm sorry, you did not enter a ticket number!%sYou cannot reset the password.%s"), '<br/>', '<br/><a href="account.php?id=43&userid=' . intval($_REQUEST['userid']) .'">'. _('Back to previous page.').'</a>'); + exit; + } ?> <form method="post" action="account.php"> |