diegods/homelabdspbx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove remember me tokens when password is updated (#7759)

Browse Source 
* Update user_edit.php

* Update user_profile.php
This commit is contained in:
Alex
2026-02-26 17:02:56 -07:00
committed by GitHub
parent c095138d50
commit 82f339c4a0
2 changed files with 21 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
core/users/user_edit.php
+10
View File
@@ -533,10 +533,20 @@
unlink(session_save_path() . "/sess_" . $row['session_id']);
}
}
unset($sql, $parameters);
//create a one way hash for the user password
$array['users'][$x]['password'] = password_hash($password, PASSWORD_DEFAULT, $options);
$array['users'][$x]['salt'] = null;
//remove remember me tokens
$sql = "update v_user_logs ";
$sql .= "set remember_selector = null, ";
$sql .= "remember_validator = null ";
$sql .= "where user_uuid = :user_uuid ";
$parameters['user_uuid'] = $user_uuid;
$database->execute($sql, $parameters);
unset($sql, $parameters);
}
$array['users'][$x]['user_email'] = $user_email;
$array['users'][$x]['user_status'] = $user_status;