mirror/php-flarum
1
0
Fork 0
mirror of https://github.com/flarum/core.git synced 2025-07-26 03:01:22 +02:00
Code Issues Releases Wiki Activity

Validation on password change

Browse Source
This commit is contained in:
Piyush Agrawal
2016-04-28 15:28:39 +05:30
parent bdcea8e152
commit 9bfc1f2c09
1 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
framework/core/src/Forum/Controller/SavePasswordController.php
View File

@@ -11,6 +11,7 @@
namespace Flarum\Forum\Controller; namespace Flarum\Forum\Controller;
use Flarum\Core\PasswordToken; use Flarum\Core\PasswordToken;
use Flarum\Core\Validator\UserValidator;
use Flarum\Forum\UrlGenerator; use Flarum\Forum\UrlGenerator;
use Flarum\Http\Controller\ControllerInterface; use Flarum\Http\Controller\ControllerInterface;
use Flarum\Http\SessionAuthenticator; use Flarum\Http\SessionAuthenticator;
@@ -24,6 +25,11 @@ class SavePasswordController implements ControllerInterface
*/ */
protected $url; protected $url;
/**
* @var UserValidator
*/
protected $validator;
/** /**
* @var SessionAuthenticator * @var SessionAuthenticator
*/ */
@@ -33,10 +39,11 @@ class SavePasswordController implements ControllerInterface
* @param UrlGenerator $url * @param UrlGenerator $url
* @param SessionAuthenticator $authenticator * @param SessionAuthenticator $authenticator
*/ */
public function __construct(UrlGenerator $url, SessionAuthenticator $authenticator) public function __construct(UrlGenerator $url, SessionAuthenticator $authenticator, UserValidator $validator)
{ {
$this->url = $url; $this->url = $url;
$this->authenticator = $authenticator; $this->authenticator = $authenticator;
$this->validator = $validator;
} }
/** /**
@@ -52,6 +59,8 @@ class SavePasswordController implements ControllerInterface
$password = array_get($input, 'password'); $password = array_get($input, 'password');
$confirmation = array_get($input, 'password_confirmation'); $confirmation = array_get($input, 'password_confirmation');
$this->validator->assertValid(compact('password'));
if (! $password || $password !== $confirmation) { if (! $password || $password !== $confirmation) {
return new RedirectResponse($this->url->toRoute('resetPassword', ['token' => $token->id])); return new RedirectResponse($this->url->toRoute('resetPassword', ['token' => $token->id]));
} }