MantisBT: master-2.3 9c9297e2

Diff Back to Repository
Author Committer Branch Timestamp Parent
vboctor vboctor master-2.3 2017-04-19 07:40 master-2.3 dc9560f2
Affected Issues  0022746: Lost password redirects to login page if email address is empty and anonymous access is disabled
Changeset

Lost password email validation fix

This was caused when:

  • anonymous authentication is OFF.
  • email address is left empty.

This caused calling auth_get_current_user_id() when no user is authenticated
which causes user to get redirected to login page and then get directed to
lost password action page, which then complains that there is no valid form
security token.

The correct behavior is to prompt an error message that email address is invalid.

Fixes 0022746
mod - core/current_user_api.php Diff File