diff --git a/src/controllers/Password.php b/src/controllers/Password.php index f9b05c1..a9bd9de 100644 --- a/src/controllers/Password.php +++ b/src/controllers/Password.php @@ -81,7 +81,7 @@ private function handleEmailSubmission(): void /** * Checks if password reset link contains the necessary token and id query parameters. - * @return bool + * @return bool True if valid */ private function validatePasswordResetLink(): bool { @@ -107,6 +107,7 @@ private function handlePasswordSubmission(): void { if (!$this->validatePasswordResetLink()) { $this->view_data['error'] = 'Invalid password reset link'; + return; } if (!isset($_POST['pwd'], $_POST['pwd-repeat'])) {