Browse Source

修复任意用户密码重置漏洞

master
tianya 4 months ago
parent
commit
5bf7f09f3c
1 changed files with 1 additions and 1 deletions
  1. +1
    -1
      src/member/resetpassword.php

+ 1
- 1
src/member/resetpassword.php View File

@@ -68,7 +68,7 @@ if ($dopost == "") {
if (empty($safeanswer)) $safeanswer = '';
if ($row['safequestion'] == $safequestion && $row['safeanswer'] == $safeanswer) {
if ($row['safequestion'] === $safequestion && $row['safeanswer'] === $safeanswer) {
sn($mid, $row['userid'], $row['email'], 'N');
exit();
} else {


Loading…
Cancel
Save