urlencode link fort password reset (bug #970)

author Bjoern Schiessle <schiessle@owncloud.com>

Wed, 13 Jun 2012 15:22:28 +0000 (17:22 +0200)

committer Bjoern Schiessle <schiessle@owncloud.com>

Wed, 13 Jun 2012 15:22:28 +0000 (17:22 +0200)
author Bjoern Schiessle <schiessle@owncloud.com>
Wed, 13 Jun 2012 15:22:28 +0000 (17:22 +0200)
committer Bjoern Schiessle <schiessle@owncloud.com>
Wed, 13 Jun 2012 15:22:28 +0000 (17:22 +0200)
diff --git a/core/lostpassword/index.php b/core/lostpassword/index.php

index 6bed7bdd93f7412568cb96c6ba6d96e234aaa488..bd2a3e897e5de8c6dd484ebc8db46f83ce5fddc4 100644 (file)
--- a/core/lostpassword/index.php
+++ b/core/lostpassword/index.php
@@ -17,7 +17,7 @@ if (isset($_POST['user'])) {
                 OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', $token);
                 $email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', '');
                 if (!empty($email) and isset($_POST['sectoken']) and isset($_SESSION['sectoken']) and ($_POST['sectoken']==$_SESSION['sectoken']) ) {
-                       $link = OC_Helper::linkToAbsolute('core/lostpassword', 'resetpassword.php').'?user='.$_POST['user'].'&token='.$token;
+                       $link = OC_Helper::linkToAbsolute('core/lostpassword', 'resetpassword.php').'?user='.urlencode($_POST['user']).'&token='.$token;
                         $tmpl = new OC_Template('core/lostpassword', 'email');
                         $tmpl->assign('link', $link);
                         $msg = $tmpl->fetchPage();
author	Bjoern Schiessle <schiessle@owncloud.com>
	Wed, 13 Jun 2012 15:22:28 +0000 (17:22 +0200)
committer	Bjoern Schiessle <schiessle@owncloud.com>
	Wed, 13 Jun 2012 15:22:28 +0000 (17:22 +0200)