diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2006-07-14 13:05:48 +0200 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2006-07-14 13:05:48 +0200 |
| commit | 1d5856cfe64e778c70fece0d08d36f153be16600 (patch) | |
| tree | 0d13fa843fd2693cd5c9c0a5d97865f5a92cdb1f /inc/html.php | |
| parent | 75e487e9d106f5e0a60b5b66552c332c79637442 (diff) | |
| download | rpg-1d5856cfe64e778c70fece0d08d36f153be16600.tar.gz rpg-1d5856cfe64e778c70fece0d08d36f153be16600.tar.bz2 | |
two-stage password reset
This patch changes the password reset function to a two-stage process.
After requesting a new password a confirmation email is sent first, only
if the link contained in this mail is used the password is changed for real.
This makes sure malicious people can't reset passwords for other users.
darcs-hash:20060714110548-7ad00-c1e23fd51cc2d2f16473914421ebe0f9c3b2ba8c.gz
Diffstat (limited to 'inc/html.php')
| -rw-r--r-- | inc/html.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/inc/html.php b/inc/html.php index 9fed619a8..58199e1cd 100644 --- a/inc/html.php +++ b/inc/html.php @@ -78,14 +78,14 @@ function html_login(){ if($auth->canDo('addUser') && actionOK('register')){ print '<p>'; print $lang['reghere']; - print ': <a href="'.wl($ID,'do=register').'" class="wikilink1">'.$lang['register'].'</a>'; + print ': <a href="'.wl($ID,'do=register').'" rel="nofollow" class="wikilink1">'.$lang['register'].'</a>'; print '</p>'; } if ($auth->canDo('modPass') && actionOK('resendpwd')) { print '<p>'; print $lang['pwdforget']; - print ': <a href="'.wl($ID,'do=resendpwd').'" class="wikilink1">'.$lang['btn_resendpwd'].'</a>'; + print ': <a href="'.wl($ID,'do=resendpwd').'" rel="nofollow" class="wikilink1">'.$lang['btn_resendpwd'].'</a>'; print '</p>'; } ?> |