Commit f538c847 authored by Aaron Wells's avatar Aaron Wells
Browse files

Check that account is valid before logging in via password reset

Bug1284876: Without this, a suspended user can log in via a password
reset email

Change-Id: I5cb8f2978cdc2c6c0a6975a3fbfd2dfdc1d9bcc5
parent 25555c2a
......@@ -216,6 +216,8 @@ function forgotpasschange_submit(Pieform $form, $values) {
// Remove the password request(s) for the user
delete_records('usr_password_request', 'usr', $values['user']);
$USER->reanimate($user->id, $user->authinstance);
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment