mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-31 22:10:45 +02:00
Code Issues Releases Wiki Activity

[ticket/security/276] Centralise call for token expiration

Browse Source 
SECURITY-276
This commit is contained in:
Marc Alexander
2024-05-09 11:51:59 +02:00
parent 7c661746cf
commit 1c1c981b17
8 changed files with 20 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
phpBB/includes/acp/acp_users.php
View File

@@ -388,12 +388,12 @@ class acp_users
// Always update actkey even if same and also update actkey expiration to 24 hours from now
$sql_ary = [
'user_actkey' => $user_actkey,
'user_actkey_expiration' => strtotime('+1 day'),
'user_actkey_expiration' => $user::get_token_expiration(),
];
$sql = 'UPDATE ' . USERS_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id = ' . $user_id;
WHERE user_id = ' . (int) $user_id;
$db->sql_query($sql);
// Start sending email