mirror/php-flarum
1
0
Fork 0
mirror of https://github.com/flarum/core.git synced 2025-10-15 00:44:40 +02:00
Code Issues Releases Wiki Activity

Make sure access/email/password tokens are valid

Browse Source
This commit is contained in:
Toby Zerner
2015-08-06 15:04:38 +09:30
parent 32648147e2
commit 3aebd458b0
7 changed files with 29 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/Core/Users/Commands/ConfirmEmailHandler.php
View File

@@ -5,6 +5,7 @@ use Flarum\Events\UserWillBeSaved;
use Flarum\Core\Support\DispatchesEvents;
use Flarum\Core\Exceptions\InvalidConfirmationTokenException;
use Flarum\Core\Users\EmailToken;
use DateTime;
class ConfirmEmailHandler
{
@@ -32,7 +33,7 @@ class ConfirmEmailHandler
{
$token = EmailToken::find($command->token);
if (! $token) {
if (! $token || $token->created_at < new DateTime('-1 day')) {
throw new InvalidConfirmationTokenException;
}