From cfcd8e41467dd17c13c2ef80a6f12ae883f1f9f3 Mon Sep 17 00:00:00 2001 From: guillep2k <18600385+guillep2k@users.noreply.github.com> Date: Fri, 21 Feb 2020 10:08:04 -0300 Subject: [PATCH] Ensure only own addresses are updated (#10397) --- models/user.go | 2 +- models/user_mail.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/models/user.go b/models/user.go index d77a54b069..5031849f90 100644 --- a/models/user.go +++ b/models/user.go @@ -1025,7 +1025,7 @@ func VerifyActiveEmailCode(code, email string) *EmailAddress { data := com.ToStr(user.ID) + email + user.LowerName + user.Passwd + user.Rands if base.VerifyTimeLimitCode(data, minutes, prefix) { - emailAddress := &EmailAddress{Email: email} + emailAddress := &EmailAddress{UID: user.ID, Email: email} if has, _ := x.Get(emailAddress); has { return emailAddress } diff --git a/models/user_mail.go b/models/user_mail.go index d929ba5a5d..41f08c9db2 100644 --- a/models/user_mail.go +++ b/models/user_mail.go @@ -201,7 +201,7 @@ func MakeEmailPrimary(email *EmailAddress) error { } // Make sure the former primary email doesn't disappear. - formerPrimaryEmail := &EmailAddress{Email: user.Email} + formerPrimaryEmail := &EmailAddress{UID: user.ID, Email: user.Email} has, err = x.Get(formerPrimaryEmail) if err != nil { return err