Bug 17494: Make sure the same verification token won't be generated twice

Well, this patch does not enforce the unique constraint but mimic what is already done in C4::ImportExportFramework and Koha::Upload where md5_hex is used. Test plan: Have a look at the code and confirm that it adds more randomness to the hashed string Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-10-27 10:04:30 +02:00 · 2016-10-27 10:04:30 +02:00 · df3a9105e8
commit df3a9105e8
parent 43c6850269
1 changed files with 1 additions and 1 deletions
--- a/opac/opac-memberentry.pl
+++ b/opac/opac-memberentry.pl
@ -138,7 +138,7 @@ if ( $action eq 'create' ) {
            );
            $template->param( 'email' => $borrower{'email'} );

-            my $verification_token = md5_hex( \%borrower );
+            my $verification_token = md5_hex( time().{}.rand().{}.$$ );

            $borrower{password}           = random_string("..........");
            $borrower{verification_token} = $verification_token;