From f1a4b508e57879e2c17feded54f0d1b82ae54d2b Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <archlinux@cryptocrack.de>
Date: Tue, 19 Mar 2013 13:44:08 +0100
Subject: Enforce e-mail validation during registration

Remove the password field from the account creation form and always send
a password reset request via e-mail instead. This ensures that only
users with valid e-mail addresses are able to login.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
---
 web/html/account.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'web/html/account.php')

diff --git a/web/html/account.php b/web/html/account.php
index f15a10a..50d376f 100644
--- a/web/html/account.php
+++ b/web/html/account.php
@@ -105,8 +105,8 @@ if (isset($_COOKIE["AURSID"])) {
 		#
 		process_account_form("","new", "NewAccount",
 				in_request("U"), 1, 0, in_request("E"),
-				in_request("P"), in_request("C"), in_request("R"),
-				in_request("L"), in_request("I"), in_request("K"));
+				'', '', in_request("R"), in_request("L"),
+				in_request("I"), in_request("K"));
 
 	} else {
 		# display the account request form
-- 
cgit v1.2.3-54-g00ecf