diff options
| author | Bart Visscher <bartv@thisnet.nl> | 2012-10-17 17:26:12 +0200 |
|---|---|---|
| committer | Bart Visscher <bartv@thisnet.nl> | 2012-10-17 17:26:12 +0200 |
| commit | a8d0f8482926e7780edc6ffa60f772da1f20e40a (patch) | |
| tree | d32feefd10f56f97ab25055171220abbb20ca0f9 | |
| parent | 0a614429af21193f1da47c94d1382953b8d6ba8c (diff) | |
| download | nextcloud-server-a8d0f8482926e7780edc6ffa60f772da1f20e40a.tar.gz nextcloud-server-a8d0f8482926e7780edc6ffa60f772da1f20e40a.zip | |
Resetting the password should also invalidate the token login cookies
| -rw-r--r-- | core/lostpassword/controller.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/core/lostpassword/controller.php b/core/lostpassword/controller.php index 6037fefa4ba..e616fe7dff8 100644 --- a/core/lostpassword/controller.php +++ b/core/lostpassword/controller.php @@ -67,6 +67,7 @@ class OC_Core_LostPassword_Controller { if (isset($_POST['password'])) { if (OC_User::setPassword($args['user'], $_POST['password'])) { OC_Preferences::deleteKey($args['user'], 'owncloud', 'lostpassword'); + OC_User::unsetMagicInCookie(); self::displayResetPasswordPage(true, $args); } else { self::displayResetPasswordPage(false, $args); |