From 40684441d25833e29ab6754703ecc3eb3f796e69 Mon Sep 17 00:00:00 2001
From: JT Smith <jt@plainblack.com>
Date: Tue, 22 Oct 2002 00:21:22 +0000
Subject: [PATCH] Fixed a problem where a user could attempt to recover their
 password with a blank email account and screw up all the passwords for all
 the users that hadn't specified an email account.

---
 lib/WebGUI/Operation/Account.pm | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/WebGUI/Operation/Account.pm b/lib/WebGUI/Operation/Account.pm
index f130d5abf..aaa8fcb14 100644
--- a/lib/WebGUI/Operation/Account.pm
+++ b/lib/WebGUI/Operation/Account.pm
@@ -507,6 +507,9 @@ sub www_recoverPassword {
 #-------------------------------------------------------------------
 sub www_recoverPasswordFinish {
 	my ($sth, $username, $encryptedPassword, $userId, $password, $flag, $message, $output);
+	if ($session{form}{email} eq "") {
+		return '<ul><li>'.WebGUI::International::get(743).'</li></ul>'.www_recoverPassword() 
+	}
 	$sth = WebGUI::SQL->read("select users.username, users.userId from users, userProfileData 
 		where users.userId=userProfileData.userId and userProfileData.fieldName='email' 
 		and fieldData=".quote($session{form}{email}));