Fix determining invalid password reset link

This commit is contained in:
Jay 2022-03-03 17:19:14 +01:00
parent d9ebe7e038
commit b1f62e829b

View file

@ -57,7 +57,7 @@ if (isset($_POST['email'], $_POST['password']) && !empty($_POST['planet'])) {
->fetch(); ->fetch();
if ($user) { if ($user) {
if (time() <= $user['password_reset_valid_until']) { if (time() > $user['password_reset_valid_until']) {
$database $database
->query('UPDATE `users` ->query('UPDATE `users`
SET `password` = "' . sha1($_POST['password']) . '", SET `password` = "' . sha1($_POST['password']) . '",