diff options
author | plegall <plg@piwigo.org> | 2016-02-12 20:20:12 +0100 |
---|---|---|
committer | plegall <plg@piwigo.org> | 2016-02-12 20:20:12 +0100 |
commit | fbd90fa46081cb5a7208dfff83041927f7759b9f (patch) | |
tree | 98ea2addb0c2e48742e92f9565f80d353fc5a2d1 /include | |
parent | 25edfc2663a0d87e6216981c44dadb52d1f8ab72 (diff) |
fixes #414, deactivate auth keys on password change
Diffstat (limited to '')
-rw-r--r-- | include/functions_user.inc.php | 18 | ||||
-rw-r--r-- | include/ws_functions/pwg.users.php | 5 |
2 files changed, 23 insertions, 0 deletions
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index 2591929b4..66c08d5db 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -1596,4 +1596,22 @@ SELECT return create_user_auth_key($user_id, $user_status); } } + +/** + * Deletes authentication keys + * + * @since 2.8 + * @param int $user_id + * @return null + */ +function deactivate_user_auth_keys($user_id) +{ + $query = ' +UPDATE '.USER_AUTH_KEYS_TABLE.' + SET expired_on = NOW() + WHERE user_id = '.$user_id.' + AND expired_on > NOW() +;'; + pwg_query($query); +} ?> diff --git a/include/ws_functions/pwg.users.php b/include/ws_functions/pwg.users.php index f8fe51c2a..eaa96c9c1 100644 --- a/include/ws_functions/pwg.users.php +++ b/include/ws_functions/pwg.users.php @@ -552,6 +552,11 @@ SELECT array($conf['user_fields']['id'] => $params['user_id'][0]) ); + if (isset($updates[ $conf['user_fields']['password'] ])) + { + deactivate_user_auth_keys($params['user_id'][0]); + } + if (isset($update_status) and count($params['user_id_for_status']) > 0) { $query = ' |