From 14e71096866360509e3bac41bd9f8069dd9bb0a9 Mon Sep 17 00:00:00 2001
From: creme332 <65414576+creme332@users.noreply.github.com>
Date: Wed, 24 Apr 2024 10:45:40 +0400
Subject: [PATCH] do not show success message if email does not exist
---
 src/controllers/Password.php | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/controllers/Password.php b/src/controllers/Password.php
index dade400..d5aa26b 100644
--- a/src/controllers/Password.php
+++ b/src/controllers/Password.php
@@ -50,11 +50,11 @@ private function handleEmailSubmission(): void
 {
 $submitted_email = filter_var($_POST['email'] ?? "", FILTER_VALIDATE_EMAIL);
+ // check if email has a valid format
 if (empty($submitted_email)) {
 $this->view_data['error'] = 'Invalid email';
 return;
 }
- // email is valid
 // get user ID corresponding to user email
 $userId = User::getUserIdByEmail($submitted_email);
@@ -76,7 +76,13 @@ private function handleEmailSubmission(): void
 // Send email to user with password reset link and user id
 $passwordResetLink = ROOT . "/password/reset?token=" . $token_info['token'] . "&id=" . $token_info['request_id'];
- $this->sendResetEmail($submitted_email, $passwordResetLink);
+
+ try {
+ $this->sendResetEmail($submitted_email, $passwordResetLink);
+ $this->view_data['email_submit_success'] = true;
+ } catch (Exception) {
+ return;
+ }
 }
 /**
@@ -150,7 +156,6 @@ public function index(): void
 // user has submitted his email
 try {
 $this->handleEmailSubmission();
- $this->view_data['email_submit_success'] = true;
 } catch (Exception) {
 $this->view_data['error'] = 'Mailing service is not operational. Please try again later.';
 }
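Review bot: In the second hunk (`@@ -76,7 +76,13 @@`), `catch (Exception) { return; }` swallows a failed `sendResetEmail()` call, so the `catch` in `index()` that sets 'Mailing service is not operational…' can no longer fire for a send error and the user gets neither a success nor an error message. Dropping the inner try/catch and keeping `$this->sendResetEmail($submitted_email, $passwordResetLink);` followed by `$this->view_data['email_submit_success'] = true;` lets the exception reach that handler. The change also makes the response differ between registered and unregistered addresses, which turns the reset form into an account-existence check; a single neutral message for every validly formatted address ("if an account exists, a reset link has been sent") avoids that, and rate limiting on this endpoint would help either way. The not-found path of `handleEmailSubmission()` lies between the hunks and is not visible here, so the second point assumes it returns without setting the flag.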