fix: avoid possible email address manipulation

thorsten · Apr 12, 2023 · 07552f5 · 07552f5
1 parent de8be82
commit 07552f5
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 1 deletion.
diff --git a/phpmyfaq/ajaxservice.php b/phpmyfaq/ajaxservice.php
@@ -774,6 +774,11 @@
             break;
         }
 
+        if ($userId !== $user->getUserIdByEmail($email)) {
+            $message = ['error' => 'User ID / email mismatch!'];
+            break;
+        }
+
         if (strlen($password) <= 7 || strlen($confirm) <= 7) {
             $message = ['error' => $PMF_LANG['ad_passwd_fail']];
             break;

diff --git a/phpmyfaq/src/phpMyFAQ/User.php b/phpmyfaq/src/phpMyFAQ/User.php
@@ -908,7 +908,7 @@ public function getUserIdByEmail(string $email): int
 
         $userData = $this->userdata->fetchAll('email', $email);
 
-        return (int)$userData['user_id'];
+        return $userData['user_id'];
     }
 
     /**