From 4e5b9b23de15fe6a5d0c7f9c26174e0606e57271 Mon Sep 17 00:00:00 2001
From: Marc Alexander
Date: Tue, 21 Dec 2021 22:23:35 +0100
Subject: [PATCH] [ticket/security-273] Reset reset token info when re-activating account

SECURITY-273
---
 phpBB/includes/ucp/ucp_activate.php | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/phpBB/includes/ucp/ucp_activate.php b/phpBB/includes/ucp/ucp_activate.php
index bb22fe1437..98093aeeaa 100644
--- a/phpBB/includes/ucp/ucp_activate.php
+++ b/phpBB/includes/ucp/ucp_activate.php
@@ -76,10 +76,12 @@ class ucp_activate
 if ($update_password)
 {
 $sql_ary = array(
- 'user_actkey' => '',
- 'user_password' => $user_row['user_newpasswd'],
- 'user_newpasswd' => '',
- 'user_login_attempts' => 0,
+ 'user_actkey' => '',
+ 'user_password' => $user_row['user_newpasswd'],
+ 'user_newpasswd' => '',
+ 'user_login_attempts' => 0,
+ 'reset_token' => '',
+ 'reset_token_expiration' => 0,
 );
 $sql = 'UPDATE ' . USERS_TABLE . '
@@ -101,8 +103,14 @@ class ucp_activate
 user_active_flip('activate', $user_row['user_id']);
- $sql = 'UPDATE ' . USERS_TABLE . "
- SET user_actkey = ''
+ $sql_ary = [
+ 'user_actkey' => '',
+ 'reset_token' => '',
+ 'reset_token_expiration' => 0,
+ ];
+
+ $sql = 'UPDATE ' . USERS_TABLE . '
+ SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
 WHERE user_id = {$user_row['user_id']}";
 $db->sql_query($sql);
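Review bot: Nothing in the `$update_password` branch says why `'reset_token' => ''` and `'reset_token_expiration' => 0` are cleared here, and the same pair is written out again in the second hunk's `$sql_ary`. A short comment above each array, such as `// Invalidate any outstanding password reset token so it cannot be redeemed after activation`, would record the security reason and make it less likely that a later edit drops one of the two copies. The first array also keeps `array(` while the second uses `[`, so the two literals could be aligned on one syntax. The enclosing method starts and ends outside both hunks, so whether other activation paths clear these columns cannot be confirmed from this patch.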
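Review bot: The rewritten UPDATE in the second hunk still interpolates `{$user_row['user_id']}` directly into the WHERE clause, while the SET part now goes through `$db->sql_build_array()`. The row is loaded outside the hunk and presumably comes from the users table, so this is hardening rather than a confirmed injection. An explicit cast keeps the statement safe if that assumption ever changes and lets the whole string use single quotes: `SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '` followed by `WHERE user_id = ' . (int) $user_row['user_id'];`. The enclosing block continues past the end of the hunk.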