[Koha-bugs] [Bug 18025] Expired password recovery links cause sql crash
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Feb 10 11:42:34 CET 2017
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18025
Marc Véron <veron at veron.ch> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #59760|0 |1
is obsolete| |
--- Comment #2 from Marc Véron <veron at veron.ch> ---
Created attachment 60108
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=60108&action=edit
Bug 18025 - Expired password recovery links cause sql crash
When a user gets an email, but doesn't act or visit it within two days,
attempting to create a new one causes a collision. We should just
delete the old one, assuming they still want to reset their
password.
To test:
create yourself a borrower with a userid and password.
Attempt a password recovery on the OPAC
update the entry in the database for that user to have an expired token
e.g. update borrower_password_recovery set valid_until = '2017-01-25
03:25:26' where borrowernumber = 12;
Attempt another password recovery operation - should error
apply the patch
Try it again - no error, new token is generated and additional email
with new link is sent.
Issue reproduced without patch; resolved with patch.
Signed-off-by: Marc Véron <veron at veron.ch>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list