From 5c0567b4cdaf5d5cc546cd4b4ddadebdb201a1cc Mon Sep 17 00:00:00 2001
From: moodler <moodler>
Date: Sat, 24 May 2003 02:25:57 +0000
Subject: [PATCH] Don't allow password changing if the user isn't confirmed yet

---
 login/forgot_password.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/login/forgot_password.php b/login/forgot_password.php
index 82961dedba..221e2dbd8a 100644
--- a/login/forgot_password.php
+++ b/login/forgot_password.php
@@ -43,6 +43,10 @@
 			if (!$user = get_user_info_from_db("email", $frm->email)) {
                 error("No such user with this address:  $frm->email");
             }
+
+            if (empty($user->confirmed)) {
+                error(get_string("confirmednot"));
+            }
             
             $user->secret = random_string(15);
             
-- 
2.39.5