Trim the user/email provided for password resets

Signed-off-by: Josh Richards <josh.t.richards@gmail.com>

diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php
index 044535c345bc971a3be61924f7f5151c62803b1f..36b8dca6ddb606f62c3adef0d0c1ae1dc69639fd 100644 (file)
--- a/core/Controller/LostController.php
+++ b/core/Controller/LostController.php
@@ -208,7 +208,7 @@ class LostController extends Controller {
 
                // FIXME: use HTTP error codes
                try {
-                       $this->sendEmail($user);
+                       $this->sendEmail(trim($user));
                } catch (ResetPasswordException $e) {
                        // Ignore the error since we do not want to leak this info
                        $this->logger->warning('Could not send password reset email: ' . $e->getMessage());