Commit d42bbfaa authored by Vincent Petry's avatar Vincent Petry Committed by GitHub

Merge pull request #27509 from imujjwal96/issue_27506

Email confirmation link fix
parents 31d09676 50b5edcb
......@@ -241,7 +241,7 @@ class UsersController extends Controller {
}
$splittedToken = explode(':', $this->config->getUserValue($userId, 'owncloud', 'changeMail', null));
if(count($splittedToken) !== 2) {
if(count($splittedToken) !== 3) {
$this->config->deleteUserValue($userId, 'owncloud', 'changeMail');
throw new \Exception($this->l10n->t('Couldn\'t change the email address because the token is invalid'));
}
......@@ -740,7 +740,7 @@ class UsersController extends Controller {
$token = $this->config->getUserValue($userId, 'owncloud', 'changeMail');
if ($token !== '') {
$splittedToken = explode(':', $token);
if ((count($splittedToken)) === 2 && $splittedToken[0] > ($this->timeFactory->getTime() - 60 * 5)) {
if ((count($splittedToken)) === 3 && $splittedToken[0] > ($this->timeFactory->getTime() - 60 * 5)) {
$this->log->alert('The email is not sent because an email change confirmation mail was sent recently.');
return false;
}
......@@ -750,9 +750,9 @@ class UsersController extends Controller {
ISecureRandom::CHAR_DIGITS .
ISecureRandom::CHAR_LOWER .
ISecureRandom::CHAR_UPPER);
$this->config->setUserValue($userId, 'owncloud', 'changeMail', $this->timeFactory->getTime() . ':' . $token);
$this->config->setUserValue($userId, 'owncloud', 'changeMail', $this->timeFactory->getTime() . ':' . $token . ':' . $mailAddress);
$link = $this->urlGenerator->linkToRouteAbsolute('settings.Users.changeMail', ['userId' => $userId, 'token' => $token, 'mailAddress' => $mailAddress]);
$link = $this->urlGenerator->linkToRouteAbsolute('settings.Users.changeMail', ['userId' => $userId, 'token' => $token]);
$tmpl = new \OC_Template('settings', 'changemail/email');
$tmpl->assign('link', $link);
......@@ -793,11 +793,10 @@ class UsersController extends Controller {
*
* @param $token
* @param $userId
* @param $mailAddress
* @return RedirectResponse
* @throws \Exception
*/
public function changeMail($token, $userId, $mailAddress) {
public function changeMail($token, $userId) {
$user = $this->userManager->get($userId);
$sessionUser = $this->userSession->getUser();
......@@ -815,6 +814,9 @@ class UsersController extends Controller {
$oldEmailAddress = $user->getEMailAddress();
$splittedToken = explode(':', $this->config->getUserValue($userId, 'owncloud', 'changeMail', null));
$mailAddress = $splittedToken[2];
$this->setEmailAddress($userId, $mailAddress);
if ($oldEmailAddress !== null) {
......
......@@ -63,7 +63,7 @@ $application->registerRoutes($this, [
['name' => 'Certificate#removeSystemRootCertificate', 'url' => '/settings/admin/certificate/{certificateIdentifier}', 'verb' => 'DELETE'],
['name' => 'SettingsPage#getPersonal', 'url' => '/settings/personal', 'verb' => 'GET'],
['name' => 'SettingsPage#getAdmin', 'url' => '/settings/admin', 'verb' => 'GET'],
['name' => 'Users#changeMail', 'url' => '/settings/mailaddress/change/{token}/{userId}/{mailAddress}', 'verb' => 'GET'],
['name' => 'Users#changeMail', 'url' => '/settings/mailaddress/change/{token}/{userId}', 'verb' => 'GET'],
]
]);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment