Update app/code/core/Mage/Customer/controllers/AccountController.php

Co-authored-by: Sven Reichel <github-sr@hotmail.com>
OpenMage · Sep 23, 2024 · 0f65646 · 0f65646
1 parent 41bcd4d
commit 0f65646
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/app/code/core/Mage/Customer/controllers/AccountController.php b/app/code/core/Mage/Customer/controllers/AccountController.php
@@ -931,8 +931,8 @@ protected function _validateResetPasswordLinkToken($customerId, $resetPasswordLi
             throw Mage::exception('Mage_Core', $this->_getHelper('customer')->__('Wrong customer account specified.'));
         }
 
-        $customerToken = (string) $customer->getRpToken();
-        if (strcmp($customerToken, $resetPasswordLinkToken) !== 0 || $customer->isResetPasswordLinkTokenExpired()) {
+        $customerToken = $customer->getRpToken();
+        if (is_null(customerToken) || strcmp($customerToken, $resetPasswordLinkToken) !== 0 || $customer->isResetPasswordLinkTokenExpired()) {
             throw Mage::exception('Mage_Core', $this->_getHelper('customer')->__('Your password reset link has expired.'));
         }
     }