Fake recovery by email address, to hide registrants on the site

2015-05-30 23:29:16 +02:00 · 2015-05-30 23:29:16 +02:00 · 82f9b6908c
commit 82f9b6908c
parent 731d283159
3 changed files with 18 additions and 7 deletions
--- a/actions/recoverpassword.php
+++ b/actions/recoverpassword.php
@ -272,10 +272,16 @@ class RecoverpasswordAction extends Action
        try {
            User::recoverPassword($nore);
            $this->mode = 'sent';
-            // TRANS: User notification after an e-mail with instructions was sent from the password recovery form.
-            $this->msg = _('Instructions for recovering your password ' .
-                           'have been sent to the email address registered to your ' .
-                           'account.');
+            if (common_is_email($nore) && common_config('site', 'fakeaddressrecovery')) {
+                // TRANS: User notification when recovering password by giving email address,
+                //        regardless if the mail was sent or not (to hide registered email status).
+                $this->msg = _('If the email address you provided was found in the database, a recovery mail with instructions has been sent there.');
+            } else {
+                // TRANS: User notification after an e-mail with instructions was sent from the password recovery form.
+                $this->msg = _('Instructions for recovering your password ' .
+                               'have been sent to the email address registered to your ' .
+                               'account.');
+            }
            $this->success = true;
        } catch (Exception $e) {
            $this->success = false;
--- a/classes/User.php
+++ b/classes/User.php
@ -873,16 +873,20 @@ class User extends Managed_DataObject
            }

            // No luck finding anyone by that email address.
-            // TODO: Fake sending email (since we don't want to reveal which addresses exist or not)
            if (!$user instanceof User) {
-                // TRANS: Information on password recovery form if no known username or e-mail address was specified.
+                if (common_config('site', 'fakeaddressrecovery')) {
+                    // Return without actually doing anything! We fake address recovery
+                    // to avoid revealing which email addresses are registered with the site.
+                    return;
+                }
+                // TRANS: Information on password recovery form if no known e-mail address was specified.
                throw new ClientException(_('No user with that email address exists here.'));
            }
        } else {
            // This might throw a NicknameException on bad nicknames
            $user = User::getKV('nickname', common_canonical_nickname($nore));
            if (!$user instanceof User) {
-                // TRANS: Information on password recovery form if no known username or e-mail address was specified.
+                // TRANS: Information on password recovery form if no known username was specified.
                throw new ClientException(_('No user with that nickname exists here.'));
            }
        }
--- a/lib/default.php
+++ b/lib/default.php
@ -48,6 +48,7 @@ $default =
              'languages' => get_all_languages(),
              'email' =>
              array_key_exists('SERVER_ADMIN', $_SERVER) ? $_SERVER['SERVER_ADMIN'] : null,
+              'fakeaddressrecovery' => true,
              'broughtby' => null,
              'timezone' => 'UTC',
              'broughtbyurl' => null,