|
|
@@ -362,7 +362,7 @@ class Auth extends Page
|
|
|
{
|
|
|
if (
|
|
|
! \hash_equals($args['hash'], $this->c->Secury->hash($args['id'] . $args['key']))
|
|
|
- || ! ($user = $this->c->users->load((int) $args['id'])) instanceof User
|
|
|
+ || ! ($user = $this->c->users->load($args['id'])) instanceof User
|
|
|
|| ! \hash_equals($user->activate_string, $args['key'])
|
|
|
) {
|
|
|
$this->c->Log->warning('Passphrase reset: confirmation, fail', [
|
|
|
@@ -453,15 +453,9 @@ class Auth extends Page
|
|
|
protected function formChange(array $args): array
|
|
|
{
|
|
|
return [
|
|
|
- 'action' => $this->c->Router->link(
|
|
|
- 'ChangePassword',
|
|
|
- $args
|
|
|
- ),
|
|
|
+ 'action' => $this->c->Router->link('ChangePassword', $args),
|
|
|
'hidden' => [
|
|
|
- 'token' => $this->c->Csrf->create(
|
|
|
- 'ChangePassword',
|
|
|
- $args
|
|
|
- ),
|
|
|
+ 'token' => $this->c->Csrf->create('ChangePassword', $args),
|
|
|
],
|
|
|
'sets' => [
|
|
|
'forget' => [
|
Visman