From dc9560f2d8fb6d9828e69d334d2ca726bd3799b6 Mon Sep 17 00:00:00 2001 From: Carlos Proensa Date: Tue, 18 Apr 2017 23:00:37 +0200 Subject: [PATCH 1/2] Fix missing line after revert in PR1093 A line was missing after applying the reverts contained in PR1093 Related Issue: #22663 --- core/date_api.php | 1 + 1 file changed, 1 insertion(+) diff --git a/core/date_api.php b/core/date_api.php index 3ed74b7b61..57925f2645 100644 --- a/core/date_api.php +++ b/core/date_api.php @@ -235,6 +235,7 @@ function print_year_range_option_list( $p_year = 0, $p_start = 0, $p_end = 0 ) { * @access public */ function print_date_selection_set( $p_name, $p_format, $p_date = 0, $p_default_disable = false, $p_allow_blank = false, $p_year_start = 0, $p_year_end = 0, $p_input_css = "input-sm" ) { + $t_chars = preg_split( '//', $p_format, -1, PREG_SPLIT_NO_EMPTY ); if( $p_date != 0 ) { $t_date = preg_split( '/-/', date( 'Y-m-d', $p_date ), -1, PREG_SPLIT_NO_EMPTY ); } else { From 9c9297e26ea1d91d7c94a1d640828965ecdf468b Mon Sep 17 00:00:00 2001 From: Victor Boctor Date: Wed, 19 Apr 2017 08:40:51 -0700 Subject: [PATCH 2/2] Lost password email validation fix This was caused when: - anonymous authentication is OFF. - email address is left empty. This caused calling auth_get_current_user_id() when no user is authenticated which causes user to get redirected to login page and then get directed to lost password action page, which then complains that there is no valid form security token. The correct behavior is to prompt an error message that email address is invalid. Fixes #22746 --- core/current_user_api.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/current_user_api.php b/core/current_user_api.php index 42a7aaabed..85f854b833 100644 --- a/core/current_user_api.php +++ b/core/current_user_api.php @@ -192,7 +192,7 @@ function current_user_get_all_accessible_subprojects( $p_project_id ) { * @access public */ function current_user_is_administrator() { - return user_is_administrator( auth_get_current_user_id() ); + return auth_is_user_authenticated() && user_is_administrator( auth_get_current_user_id() ); } /**