vassili/seitime-frappe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Block unregistered users from resetting password

Browse source
This commit is contained in:
Anand Doshi 2011-08-08 16:28:10 +05:30
parent 7627a051da
commit d99d252a70
1 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
cgi-bin/webnotes/profile.py
View file

@ -149,11 +149,14 @@ class Profile:
pwd = self.get_random_password()
# get profile
profile = webnotes.conn.sql("SELECT name, email, first_name, last_name FROM tabProfile WHERE name=%s OR email=%s",(self.name, self.name))
profile = webnotes.conn.sql("SELECT name, email, first_name, last_name, registered FROM tabProfile WHERE name=%s OR email=%s",(self.name, self.name))
if not profile:
raise Exception, "Profile %s not found" % self.name
elif not profile[0][4]:
# if an unregistered user tries to reset password
raise Exception, "You cannot reset your password as you have not completed registration. You need to complete registration using the link provided in the email."
# update tab Profile
webnotes.conn.sql("UPDATE tabProfile SET password=password(%s) WHERE name=%s", (pwd, profile[0][0]))