Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> --- web/html/passreset.php | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/web/html/passreset.php b/web/html/passreset.php index 59fd4bc..e926161 100644 --- a/web/html/passreset.php +++ b/web/html/passreset.php @@ -37,14 +37,19 @@ if (isset($_GET['resetkey'], $_POST['email'], $_POST['password'], $_POST['confir } } elseif (isset($_POST['email'])) { $email = $_POST['email']; - $body = __('A password reset request was submitted for the account '. - 'associated with your e-mail address. If you wish to reset '. - 'your password follow the link below, otherwise ignore '. - 'this message and nothing will happen.'). - send_resetkey($email, $body); - header('Location: ' . get_uri('/passreset/') . '?step=confirm'); - exit(); + if (empty($email)) { + $error = __('Missing a required field.'); + } else { + $body = __('A password reset request was submitted for the account '. + 'associated with your e-mail address. If you wish to reset '. + 'your password follow the link below, otherwise ignore '. + 'this message and nothing will happen.'). + send_resetkey($email, $body); + + header('Location: ' . get_uri('/passreset/') . '?step=confirm'); + exit(); + } } $step = isset($_GET['step']) ? $_GET['step'] : NULL; -- 1.8.5.2