diff options
author | cash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-12-05 17:46:34 +0000 |
---|---|---|
committer | cash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-12-05 17:46:34 +0000 |
commit | 897f6d34fe382eed85b14a5a5ac69f968049bb84 (patch) | |
tree | f35a17013c64953eaa2e8d85f210e09219731def /mod/uservalidationbyemail | |
parent | 64c20a7d0a147cc48cdccfe6adb66fba19f79f6b (diff) | |
download | elgg-897f6d34fe382eed85b14a5a5ac69f968049bb84.tar.gz elgg-897f6d34fe382eed85b14a5a5ac69f968049bb84.tar.bz2 |
adding more security to the user validation by email code - before people could fake the validation with knowledge of the code making it possible for bots to register and validate without an email address
git-svn-id: http://code.elgg.org/elgg/trunk@3731 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'mod/uservalidationbyemail')
-rw-r--r-- | mod/uservalidationbyemail/start.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/mod/uservalidationbyemail/start.php b/mod/uservalidationbyemail/start.php index 583415a5d..049287c89 100644 --- a/mod/uservalidationbyemail/start.php +++ b/mod/uservalidationbyemail/start.php @@ -43,7 +43,8 @@ { global $CONFIG; - return md5($user_guid . $email_address . $CONFIG->site->url); // Note I bind to site URL, this is important on multisite! + // Note I bind to site URL, this is important on multisite! + return md5($user_guid . $email_address . $CONFIG->site->url . get_site_secret()); } /** |