From 0bf13da2125a89dbb63a508238ee09266d0e7e89 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 2 Oct 2008 14:02:40 +0000 Subject: [PATCH] Fixed a bug that allowed too many wrong answers --- www/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/www/index.php b/www/index.php index b7703ab..f7c1583 100644 --- a/www/index.php +++ b/www/index.php @@ -93,7 +93,7 @@ $_SESSION['lostpw']['pw1'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['newpass1'])))); $_SESSION['lostpw']['pw2'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['newpass2'])))); - if($answers < $_SESSION['lostpw']['total'] || $answers < 1) + if($answers < $_SESSION['lostpw']['total'] || $answers < 3) { $body = "Someone has just attempted to update the pass phrase on the following account:\n". "Username(ID): ".$_SESSION['lostpw']['user']['email']."(".$_SESSION['lostpw']['user']['id'].")\n".