[ticket/security/276] Centralise call for token expiration

SECURITY-276
2025-08-16 05:34:01 +02:00 · 2024-05-09 11:51:59 +02:00
parent 7c661746cf
commit 1c1c981b17
8 changed files with 20 additions and 10 deletions
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@@ -198,7 +198,7 @@ class ucp_profile
 								$notifications_manager->add_notifications('notification.type.admin_activate_user', array(
 									'user_id'					=> $user->data['user_id'],
 									'user_actkey'				=> $user_actkey,
-									'user_actkey_expiration'	=> strtotime('+1 day'), // 24 hours until activation can be resent
+									'user_actkey_expiration'	=> $user::get_token_expiration(),
 									'user_regdate'				=> time(), // Notification time
 								));
 							}
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@@ -389,7 +389,7 @@ class ucp_register
 					'user_lang'					=> $data['lang'],
 					'user_type'					=> $user_type,
 					'user_actkey'				=> $user_actkey,
-					'user_actkey_expiration'	=> strtotime('+1 day'), // 24 hours until activation can be resent
+					'user_actkey_expiration'	=> $user::get_token_expiration(),
 					'user_ip'					=> $user->ip,
 					'user_regdate'				=> time(),
 					'user_inactive_reason'		=> $user_inactive_reason,
--- a/phpBB/includes/ucp/ucp_resend.php
+++ b/phpBB/includes/ucp/ucp_resend.php
@@ -179,7 +179,7 @@ class ucp_resend
 		global $db, $user;

 		$sql_ary = [
-			'user_actkey_expiration'	=> strtotime('+1 day'),
+			'user_actkey_expiration'	=> $user::get_token_expiration(),
 		];

 		$sql = 'UPDATE ' . USERS_TABLE . '