zydronium/neocities
1
0
Fork 0
mirror of https://github.com/neocities/neocities.git synced 2025-04-24 17:22:35 +02:00
Code Issues Projects Releases Packages Wiki Activity

patch hole with password reset (why are people such dicks)

Browse source
This commit is contained in:
Kyle Drake 2013-07-22 16:01:39 +02:00
parent ffaa6b2ac3
commit 237ce5f419
1 changed files with 14 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
app.rb
View file

@ -475,11 +475,23 @@ the NeoCities Cat
end end
get '/password_reset_confirm' do get '/password_reset_confirm' do
sites = Site.filter(password_reset_token: params[:token]).all if params[:token].nil? || params[:token].empty?
flash[:error] = 'Could not find a site with this token.'
redirect '/'
end
reset_site = Site[password_reset_token: params[:token]]
if reset_site.nil?
flash[:error] = 'Could not find a site with this token.'
redirect '/'
end
sites = Site.filter(email: reset_site.email).all
if sites.length > 0 if sites.length > 0
sites.each do |site| sites.each do |site|
site.password = params[:token] site.password = reset_site.password_reset_token
site.save site.save
end end