From 6dc7225794ced4ab3b2293ca8dd10167eee13e63 Mon Sep 17 00:00:00 2001
From: Sam Reed <reedy@users.mediawiki.org>
Date: Thu, 10 Feb 2011 02:32:34 +0000
Subject: [PATCH] *(bug 27159) make email confirmation code expiration time
 configurable

Added "$wgUserEmailConfirmationTokenExpiry"
---
 includes/DefaultSettings.php | 5 +++++
 includes/User.php            | 3 ++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index c7988c6c43..c2147f567b 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -1045,6 +1045,11 @@ $wgPasswordReminderResendTime = 24;
  */
 $wgNewPasswordExpiry  = 3600 * 24 * 7;
 
+/**
+ * The time, in seconds, when an email confirmation email expires
+ */
+$wgUserEmailConfirmationTokenExpiry = 7 * 24 * 60 * 60;
+
 /**
  * SMTP Mode
  * For using a direct (authenticated) SMTP server connection.
diff --git a/includes/User.php b/includes/User.php
index 90875cbaa5..77abfc2cb8 100644
--- a/includes/User.php
+++ b/includes/User.php
@@ -2982,8 +2982,9 @@ class User {
 	 * @private
 	 */
 	function confirmationToken( &$expiration ) {
+		global $wgUserEmailConfirmationTokenExpiry;
 		$now = time();
-		$expires = $now + 7 * 24 * 60 * 60;
+		$expires = $now + $wgUserEmailConfirmationTokenExpiry;
 		$expiration = wfTimestamp( TS_MW, $expires );
 		$token = self::generateToken( $this->mId . $this->mEmail . $expires );
 		$hash = md5( $token );
-- 
2.20.1