no use the recoveryPassword var instead of accessing the POST array

diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php
index 43f573c16b9789ef74c9ba6b4184d24fbaf43f5a..7a2d19eed579c912ba357203fddc166048fb3289 100755 (executable)
--- a/apps/files_encryption/lib/helper.php
+++ b/apps/files_encryption/lib/helper.php
@@ -146,7 +146,7 @@ class Helper
 
                } else { // get recovery key and check the password
                        $util = new \OCA\Encryption\Util( new \OC_FilesystemView( '/' ), \OCP\User::getUser() );
-                       $return = $util->checkRecoveryPassword( $_POST['recoveryPassword'] );
+                       $return = $util->checkRecoveryPassword( $recoveryPassword );
                        if ( $return ) {
                                \OC_Appconfig::setValue( 'files_encryption', 'recoveryAdminEnabled', 1 );
                        }