From 32507085b40b2aa9cef30212f84dbeea1e830e22 Mon Sep 17 00:00:00 2001
From: Loic d'Anterroches <titoo@users.sourceforge.net>
Date: Thu, 2 Jul 2009 20:04:46 +0200
Subject: [PATCH] Added another level of check on the reset password key.

---
 src/IDF/Form/PasswordInputKey.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/IDF/Form/PasswordInputKey.php b/src/IDF/Form/PasswordInputKey.php
index 56aa621..23f7c02 100644
--- a/src/IDF/Form/PasswordInputKey.php
+++ b/src/IDF/Form/PasswordInputKey.php
@@ -95,6 +95,10 @@ class IDF_Form_PasswordInputKey extends Pluf_Form
             return false;
         }
         $cr = new Pluf_Crypt(md5(Pluf::f('secret_key')));
-        return split(':', $cr->decrypt($encrypted), 3);
+        $f = split(':', $cr->decrypt($encrypted), 3);
+        if (count($f) != 3) {
+            return false;
+        }
+        return $f;
     }
 }