diff options
| author | Go MAEDA <maeda@farend.jp> | 2023-02-07 03:53:27 +0000 |
|---|---|---|
| committer | Go MAEDA <maeda@farend.jp> | 2023-02-07 03:53:27 +0000 |
| commit | c94296720d191487aa903b7cb0e27e52e37344c8 (patch) | |
| tree | cb4ac5df66fde274b2f9445145660c600facea70 /app | |
| parent | e03bc47e1413a771505dcbf3fbb907d3a689e24a (diff) | |
| download | redmine-c94296720d191487aa903b7cb0e27e52e37344c8.tar.gz redmine-c94296720d191487aa903b7cb0e27e52e37344c8.zip | |
Remove "Unknown user" notification on password request with non-existent email address (#6254).
Patch by Go MAEDA.
git-svn-id: https://svn.redmine.org/redmine/trunk@22100 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/account_controller.rb | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb index 27db70836..dfe229526 100644 --- a/app/controllers/account_controller.rb +++ b/app/controllers/account_controller.rb @@ -103,7 +103,9 @@ class AccountController < ApplicationController user = User.find_by_mail(email) # user not found unless user - flash.now[:error] = l(:notice_account_unknown_email) + # Don't show an error indicating a non-existent email address + # to prevent email harvesting + flash[:notice] = l(:notice_account_lost_email_sent) return end unless user.active? |