kenmirrors/firefly-iii
1
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-09-04 19:53:44 +00:00
Code Issues Projects Releases Wiki Activity

Change to safer hash methods.

Browse Source
This commit is contained in:
James Cole
2020-04-11 06:42:21 +02:00
parent 91deb22a3f
commit 6829003f5e
8 changed files with 15 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
app/Handlers/Events/UserEventHandler.php
View File

@@ -165,7 +165,8 @@ class UserEventHandler
$user = $event->user;
$ipAddress = $event->ipAddress;
$token = app('preferences')->getForUser($user, 'email_change_undo_token', 'invalid');
$uri = route('profile.undo-email-change', [$token->data, hash('sha256', $oldEmail)]);
$hashed = hash('sha256', sprintf('%s%s', (string) config('app.key'), $oldEmail));
$uri = route('profile.undo-email-change', [$token->data,$hashed]);
try {
Mail::to($oldEmail)->send(new UndoEmailChangeMail($newEmail, $oldEmail, $uri, $ipAddress));
// @codeCoverageIgnoreStart