diff --git a/core/users/user_edit.php b/core/users/user_edit.php index 7cfe891fe4..d41c16363f 100644 --- a/core/users/user_edit.php +++ b/core/users/user_edit.php @@ -533,10 +533,20 @@ unlink(session_save_path() . "/sess_" . $row['session_id']); } } + unset($sql, $parameters); //create a one way hash for the user password $array['users'][$x]['password'] = password_hash($password, PASSWORD_DEFAULT, $options); $array['users'][$x]['salt'] = null; + + //remove remember me tokens + $sql = "update v_user_logs "; + $sql .= "set remember_selector = null, "; + $sql .= "remember_validator = null "; + $sql .= "where user_uuid = :user_uuid "; + $parameters['user_uuid'] = $user_uuid; + $database->execute($sql, $parameters); + unset($sql, $parameters); } $array['users'][$x]['user_email'] = $user_email; $array['users'][$x]['user_status'] = $user_status; diff --git a/core/users/user_profile.php b/core/users/user_profile.php index 3501d69bb2..f331164220 100644 --- a/core/users/user_profile.php +++ b/core/users/user_profile.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2008-2025 + Portions created by the Initial Developer are Copyright (C) 2008-2026 the Initial Developer. All Rights Reserved. Contributor(s): @@ -404,6 +404,16 @@ //create a one way hash for the user password $array['users'][$x]['password'] = password_hash($password, PASSWORD_DEFAULT, $options); $array['users'][$x]['salt'] = null; + + //remove remember me tokens + setcookie('remember', '', time() - 3600, '/'); + $sql = "update v_user_logs "; + $sql .= "set remember_selector = null, "; + $sql .= "remember_validator = null "; + $sql .= "where user_uuid = :user_uuid "; + $parameters['user_uuid'] = $user_uuid; + $database->execute($sql, $parameters); + unset($sql, $parameters); } $array['users'][$x]['user_email'] = $user_email; $array['users'][$x]['user_status'] = $user_status;