iarv/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-03-28 17:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

(cp b26ca3e08) fixes #2522 use privacy-preserving verification message

Browse Source 
Replace the explicit "An email has been sent with a verification code" message with a privacy-preserving wording: "If your account exists, a verification code has been sent to your email address." This avoids account enumeration. Updated language entries in en_UK and fr_FR, the server-side message in password.php, and the password reset template.
This commit is contained in:
Linty
2026-02-12 17:28:33 +01:00
parent 4b9767ef13
commit 8ff31e0758
4 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
language/en_UK/common.lang.php
View File

@@ -518,7 +518,6 @@ $lang['Your API key will expire in %d days.'] = 'Your API key will expire in %d
$lang['To continue using the API, please renew your key before it expires.'] = 'To continue using the API, please renew your key before it expires.';
$lang['You can manage your API keys in your <a href="%s">account settings.</a>'] = 'You can manage your API keys in your <a href="%s">account settings.</a>';
$lang['Expert mode'] = 'Expert mode';
$lang['An email has been sent with a verification code'] = 'An email has been sent with a verification code';
$lang['If you do not receive the email, please contact your webmaster.'] = 'If you do not receive the email, please contact your webmaster.';
$lang['Verification code'] = 'Verification code';
$lang['Verify'] = 'Verify';
@@ -534,3 +533,4 @@ $lang['If this wasn\'t you, please change your password immediately or contact y
$lang['If you changed your password because you think it was stolen, we recommend revoking your %d API keys <a href="%s">in your profile</a>.'] = 'If you changed your password because you think it was stolen, we recommend revoking your %d API keys <a href="%s">in your profile</a>.';
$lang['Too many attempts, please try later..'] = 'Too many attempts, please try later..';
$lang['Verification successful! You can now choose a new password.'] = 'Verification successful! You can now choose a new password.';
$lang['If your account exists, a verification code has been sent to your email address.'] = 'If your account exists, a verification code has been sent to your email address.';

4
language/fr_FR/common.lang.php
View File

@@ -515,7 +515,6 @@ $lang['Your API key will expire in %d days.'] = 'Votre clé API expirera dans %d
$lang['To continue using the API, please renew your key before it expires.'] = 'Pour continuer à utiliser l\'API, veuillez renouveler votre clé avant son expiration.';
$lang['You can manage your API keys in your <a href="%s">account settings.</a>'] = 'Vous pouvez gérer vos clés API dans les <a href="%s">paramètres de votre compte.</a>';
$lang['Expert mode'] = 'Mode expert';
$lang['An email has been sent with a verification code'] = 'Un e-mail contenant un code de vérification vous a été envoyé';
$lang['If you do not receive the email, please contact your webmaster.'] = 'Si vous ne recevez pas cet e-mail, veuillez contacter votre webmaster.';
$lang['Verification code'] = 'Code de vérification';
$lang['Verify'] = 'Vérifier';
@@ -533,4 +532,5 @@ $lang['Too many attempts, please try later..'] = 'Trop de tentatives, veuillez r
$lang['Verification successful! You can now choose a new password.'] = 'Vérification réussie ! Vous pouvez maintenant choisir un nouveau mot de passe.';
$lang['Check your inbox'] = 'Vérifiez votre boîte de réception.';
$lang['The email %s will be used to notify you when your API key is about to expire.'] = 'L\'adresse e-mail %s sera utilisée pour vous avertir lorsque votre clé API sera sur le point d\'expirer.';
$lang['When enabled, a common template is used for the login and registration pages, regardless of the theme.'] = 'Lorsque cette option est activée, un gabarit commun est utilisé pour les pages de connexion et d\'inscription, quel que soit le thème.';
$lang['When enabled, a common template is used for the login and registration pages, regardless of the theme.'] = 'Lorsque cette option est activée, un gabarit commun est utilisé pour les pages de connexion et d\'inscription, quel que soit le thème.';
$lang['If your account exists, a verification code has been sent to your email address.'] = 'Si votre compte existe, un code de vérification a été envoyé à votre adresse email.';

2
password.php
View File

@@ -360,7 +360,7 @@ if (isset($_POST['submit']))
{
if (process_verification_code())
{
$page['infos'][] = l10n('An email has been sent with a verification code');
$page['infos'][] = l10n('If your account exists, a verification code has been sent to your email address.');
$page['action'] = 'lost_code';
}
}

2
themes/standard_pages/template/password.tpl
View File

@@ -114,7 +114,7 @@
</div>
{elseif $action eq 'lost_code'}
<span class="success-message"><i class="gallery-icon-ok-circled"></i>{'An email has been sent with a verification code'|translate}</span>
<span class="success-message"><i class="gallery-icon-ok-circled"></i>{'If your account exists, a verification code has been sent to your email address.'|translate}</span>
<div class="column-flex">
<label for="user_code">{'Verification code'|@translate}</label>
<div class="row-flex input-container">