diff options
Diffstat (limited to 'core/lostpassword/controller.php')
| -rw-r--r-- | core/lostpassword/controller.php | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/core/lostpassword/controller.php b/core/lostpassword/controller.php index fbcf4a87f22..2f996365219 100644 --- a/core/lostpassword/controller.php +++ b/core/lostpassword/controller.php @@ -8,8 +8,11 @@ class OC_Core_LostPassword_Controller { protected static function displayLostPasswordPage($error, $requested) { + $isEncrypted = OC_App::isEnabled('files_encryption'); OC_Template::printGuestPage('core/lostpassword', 'lostpassword', - array('error' => $error, 'requested' => $requested)); + array('error' => $error, + 'requested' => $requested, + 'isEncrypted' => $isEncrypted)); } protected static function displayResetPasswordPage($success, $args) { @@ -29,7 +32,16 @@ class OC_Core_LostPassword_Controller { } public static function sendEmail($args) { - if (OC_User::userExists($_POST['user'])) { + + $isEncrypted = OC_App::isEnabled('files_encryption'); + + if(!$isEncrypted || isset($_POST['continue'])) { + $continue = true; + } else { + $continue = false; + } + + if (OC_User::userExists($_POST['user']) && $continue) { $token = hash('sha256', OC_Util::generate_random_bytes(30).OC_Config::getValue('passwordsalt', '')); OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', hash('sha256', $token)); // Hash the token again to prevent timing attacks |