From 4d5f8e7876e291bd309963e9a56dc1a8ad5a5f89 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Wed, 9 Mar 2011 15:46:24 -0800 Subject: [PATCH] Ticket #3076: fix regression in password recovery when email address given that doesn't match Was triggering errors due to use of common_canonical_nickname() on arbitrary input without checking for exceptions about invalid nicknames (which didn't exist long ago in the before time) --- actions/recoverpassword.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/actions/recoverpassword.php b/actions/recoverpassword.php index 9019d6fb22..a73872bfdb 100644 --- a/actions/recoverpassword.php +++ b/actions/recoverpassword.php @@ -282,7 +282,11 @@ class RecoverpasswordAction extends Action $user = User::staticGet('email', common_canonical_email($nore)); if (!$user) { - $user = User::staticGet('nickname', common_canonical_nickname($nore)); + try { + $user = User::staticGet('nickname', common_canonical_nickname($nore)); + } catch (NicknameException $e) { + // invalid + } } # See if it's an unconfirmed email address