mirror/php-flarum
1
0
Fork 0
mirror of https://github.com/flarum/core.git synced 2025-10-28 14:06:30 +01:00
Code Issues Releases Wiki Activity

Always invalidate all user email tokens

Browse Source 
Reported by B. Dhiyaneshwaran of Geek Freak.
This commit is contained in:
Franz Liedke
2018-11-29 00:33:42 +01:00
parent 546b4f01ac
commit 66607a5674
2 changed files with 12 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/User/Command/ConfirmEmailHandler.php
View File

@@ -53,7 +53,8 @@ class ConfirmEmailHandler
$user->save();
$this->dispatchEventsFor($user);
$token->delete();
// Delete *all* tokens for the user, in case other ones were sent first
$user->emailTokens()->delete();
return $user;
}