HOR-759

Password is sent in clear text when "forgot password" functionality is used

workflow/engine/methods/login/retrivePassword.php

@@ -23,6 +23,12 @@ if ($userData['USR_EMAIL'] != '' && $userData['USR_EMAIL'] === $data['USR_EMAIL'
 
     $aData['USR_UID'] = $userData['USR_UID'];
     $aData['USR_PASSWORD'] = Bootstrap::hashPassword($newPass);
+    $oUserProperty = new UsersProperties();
+    $aUserPropertyData = $oUserProperty->load($aData['USR_UID']);
+    if (is_array($aUserPropertyData)) {
+        $aUserPropertyData['USR_LOGGED_NEXT_TIME'] = 1;
+        $oUserProperty = $oUserProperty->update($aUserPropertyData);
+    }
     /* **Save after sending the mail
       $rbacUser->update($aData);
       $user->update($aData);