summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIvan Kohler <ivan@freeside.biz>2014-12-28 14:19:42 -0800
committerIvan Kohler <ivan@freeside.biz>2014-12-28 14:19:42 -0800
commit1401eef8b37ea9ffc6a44819a0778697c775dac3 (patch)
treee946dc7a5a5ea3ac09d97d139d79bedba1ced1f2
parent9e41d40df2756e5cfad9483967c70cbd1fd0513c (diff)
fix contact self-service password reset link vs. outlook, RT#32657
Diffstat
-rw-r--r--FS/FS/msg_template/InitialData.pm2
-rwxr-xr-xfs_selfservice/FS-SelfService/cgi/selfservice.cgi13
2 files changed, 13 insertions, 2 deletions
diff --git a/FS/FS/msg_template/InitialData.pm b/FS/FS/msg_template/InitialData.pm
index a21c2d557..a4e27fdc9 100644
--- a/FS/FS/msg_template/InitialData.pm
+++ b/FS/FS/msg_template/InitialData.pm
@@ -10,7 +10,7 @@ sub _initial_data {
_insert_args => [ subject => '{ $company_name } password reset',
body => <<'END',
To complete your { $company_name } password reset, please go to
-<a href="{ $selfservice_server_base_url }/selfservice.cgi?action=process_forgot_password;session_id={ $session_id }">{ $selfservice_server_base_url }/selfservice.cgi?action=process_forgot_password;session_id={ $session_id }</a><br />
+<a href="{ $selfservice_server_base_url }/selfservice.cgi?action=process_forgot_password_session_{ $session_id }">{ $selfservice_server_base_url }/selfservice.cgi?action=process_forgot_password_session_{ $session_id }</a><br />
<br />
This link will expire in 24 hours.<br />
<br />
diff --git a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
index b008fbf8b..4ccf1de82 100755
--- a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
+++ b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
@@ -88,12 +88,17 @@ my @nologin_actions = (qw(
do_forgot_password
process_forgot_password
do_process_forgot_password
+ process_forgot_password_session
));
push @actions, @nologin_actions;
my %nologin_actions = map { $_=>1 } @nologin_actions;
my $action = 'myaccount'; # sensible default
-if ( $cgi->param('action') =~ /^(\w+)$/ ) {
+
+if ( $cgi->param('action') =~ /^process_forgot_password_session_(\w+)$/ ) {
+ $action = 'process_forgot_password_session';
+ $session_id = $1;
+} elsif ( $cgi->param('action') =~ /^(\w+)$/ ) {
if (grep {$_ eq $1} @actions) {
$action = $1;
} else {
@@ -1051,6 +1056,12 @@ sub process_forgot_password {
);
}
+sub process_forgot_password_session {
+ check_reset_passwd(
+ 'session_id' => $session_id,
+ );
+}
+
sub do_process_forgot_password {
process_reset_passwd(
map { $_ => scalar($cgi->param($_)) }
generated by cgit v1.2.1 (git 2.18.0) at 2024-07-07 10:25:39 +0000