Actions
Maintenance #1945
closedxmera Omnia - Collection #1826: Maintenance tasks of several components
Maintenance #1739: Support Redmine 5.1.1
Check if account controller changes will have impact on plugins
Start date:
Due date:
% Done:
100%
Estimated time:
Compatible Redmine Version:
Pull Request Link:
Description
Affected plugins:
- project:xmera-omnia-operations
- Redmine Login Attempts Limit
- project:redmine-local-avatars
diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index f1230b039..dfe229526 100644
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -103,7 +103,9 @@ class AccountController < ApplicationController
user = User.find_by_mail(email)
# user not found
unless user
- flash.now[:error] = l(:notice_account_unknown_email)
+ # Don't show an error indicating a non-existent email address
+ # to prevent email harvesting
+ flash[:notice] = l(:notice_account_lost_email_sent)
return
end
unless user.active?
@@ -378,7 +380,7 @@ class AccountController < ApplicationController
flash[:notice] = l(:notice_account_register_done, :email => ERB::Util.h(user.mail))
redirect_to signin_path
else
- yield if block_given?
+ yield if block
end
end
@@ -394,7 +396,7 @@ class AccountController < ApplicationController
flash[:notice] = l(:notice_account_activated)
redirect_to my_account_path
else
- yield if block_given?
+ yield if block
end
end
@@ -407,7 +409,7 @@ class AccountController < ApplicationController
Mailer.deliver_account_activation_request(user)
account_pending(user)
else
- yield if block_given?
+ yield if block
end
Updated by liaham about 1 year ago
No impact on project:xmera-omnia-operations.
No impact on project:redmine-login-attempt-limit.
No impact on project:redmine-local-avatar.
Updated by liaham about 1 year ago
- Status changed from New to Closed
- Assignee set to liaham
- % Done changed from 0 to 100
Actions