[Koha-bugs] [Bug 18025] Expired password recovery links cause sql crash
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Feb 16 08:49:45 CET 2017
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18025
Jonathan Druart <jonathan.druart at bugs.koha-community.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #60245|0 |1
is obsolete| |
Attachment #60295|0 |1
is obsolete| |
Attachment #60296|0 |1
is obsolete| |
--- Comment #12 from Jonathan Druart <jonathan.druart at bugs.koha-community.org> ---
Created attachment 60303
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=60303&action=edit
Bug 18025 - Expired password recovery links cause sql crash
When a user gets an email, but doesn't act or visit it within two days,
attempting to create a new one causes a collision. We should just
delete the old one, assuming they still want to reset their
password.
To test:
create yourself a borrower with a userid and password.
Attempt a password recovery on the OPAC
update the entry in the database for that user to have an expired token
e.g. update borrower_password_recovery set valid_until = '2017-01-25
03:25:26' where borrowernumber = 12;
Attempt another password recovery operation - should error
apply the patch
Try it again - no error, new token is generated and additional email
with new link is sent.
Issue reproduced - is resolved by patch
Signed-off-by: Marc Véron <veron at veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart at biblibre.com>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list