가입인증메일, ID/PW찾기 메일이 24시간 동안만 유효하도록 제한

modules/member/member.controller.php

@@ -72,6 +72,11 @@ class memberController extends member
 			}
 		}
 
+		// Delete all previous authmail if login is successful
+		$args = new stdClass();
+		$args->member_srl = $this->memberInfo->member_srl;
+		executeQuery('member.deleteAuthMail', $args);
+
 		if(!$config->after_login_url)
 		{
 			$returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', '');
@@ -1128,6 +1133,12 @@ class memberController extends member
 			return $this->stop('msg_invalid_auth_key');
 		}
 
+		if(ztime($output->data->regdate) < $_SERVER['REQUEST_TIME'] + zgap() - 86400)
+		{
+			executeQuery('member.deleteAuthMail', $args);
+			return $this->stop('msg_invalid_auth_key');
+		}
+
 		$args->password = $output->data->new_password;
 
 		// If credentials are correct, change the password to a new one