From 5c1f6367064ec0c3464f4eb533143fac26a435c2 Mon Sep 17 00:00:00 2001
From: Andres Campanario
Date: Tue, 12 Mar 2024 13:06:31 +0100
Subject: [PATCH] respond with a generic message instead of 'That account does not exist'
---
 src/Controller/Traits/PasswordManagementTrait.php | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/Controller/Traits/PasswordManagementTrait.php b/src/Controller/Traits/PasswordManagementTrait.php
index 56a1383f..b0324f91 100644
--- a/src/Controller/Traits/PasswordManagementTrait.php
+++ b/src/Controller/Traits/PasswordManagementTrait.php
@@ -164,20 +164,20 @@ public function requestResetPassword()
 'type' => 'password',
 ]);
 if ($resetUser) {
- $msg = __d('cake_d_c/users', 'Please check your email to continue with password reset process');
+ $msg = __d('cake_d_c/users', 'If the account is valid, the system will send an instructional email to the address on record.');
 $this->Flash->success($msg);
 } else {
- $msg = __d('cake_d_c/users', 'The password token could not be generated. Please try again');
+ $msg = __d('cake_d_c/users', 'There was an error please contact Administrator');
 $this->Flash->error($msg);
 }
 return $this->redirect(['action' => 'login']);
- } catch (UserNotFoundException $exception) {
- $this->Flash->error(__d('cake_d_c/users', 'User {0} was not found', $reference));
- } catch (UserNotActiveException $exception) {
- $this->Flash->error(__d('cake_d_c/users', 'The user is not active'));
+ } catch (UserNotFoundException | UserNotActiveException $exception) {
+ $msg = __d('cake_d_c/users', 'If the account is valid, the system will send an instructional email to the address on record.');
+ $this->Flash->success($msg);
 } catch (Exception $exception) {
- $this->Flash->error(__d('cake_d_c/users', 'Token could not be reset'));
+ $msg = __d('cake_d_c/users', 'There was an error please contact Administrator');
+ $this->Flash->error($msg);
 $this->log($exception->getMessage());
 }
 }
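Review bot: The new `catch (UserNotFoundException | UserNotActiveException $exception)` branch sets the generic flash but never redirects, while the success path ends in `return $this->redirect(['action' => 'login']);`, so an unknown or inactive account still gets a visibly different response from a valid one. The identical wording therefore does not fully remove the account-enumeration signal; adding `return $this->redirect(['action' => 'login']);` after `$this->Flash->success($msg);` in that branch would make both outcomes take the same path. The `else` branch for a falsy `$resetUser` still shows a distinct error flash, and if `resetToken()` can return a falsy value for account-specific reasons (not visible here) it should use the generic message as well. The start of `requestResetPassword()` is outside the hunk, so this is based only on the try/catch shown.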