summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHorus32014-03-16 22:26:19 +0100
committerHorus32014-03-16 22:26:19 +0100
commit3cbe01ea7df2f628e767b7b00e7c1612062c05ab (patch)
treef5e65b4d34f0ad683b531034758e87b66d0b0f32
parent0665ea1e03f2bbb269e33ab78e4271eabe8f6442 (diff)
downloadfiles.iamfabulous.de-3cbe01ea7df2f628e767b7b00e7c1612062c05ab.tar.gz
Checks if user really invited.
Diffstat
-rw-r--r--www/constants.php6
-rwxr-xr-xwww/functions/func_invite.php7
-rwxr-xr-xwww/functions/func_register.php20
3 files changed, 22 insertions, 11 deletions
diff --git a/www/constants.php b/www/constants.php
index 9935e1c..d8f3229 100644
--- a/www/constants.php
+++ b/www/constants.php
@@ -13,9 +13,11 @@ define("REGISTER_PASSWORD", 7);
define("REGISTER_EMAIL", 8);
define("REGISTER_DATABASE", 9);
define("REGISTER_PROHIBITED", 10);
-define("REGISTER_INVITEKEY", 12);
-define("REGISTER_USERNANE", 13);
+define("REGISTER_INVITEKEY", 11);
+define("REGISTER_USERNANE", 12);
+define("REGISTER_INVITE", 13);
define("INVITE_SUCCESSFULL", 14);
define("INVITE_INVITES", 15);
define("INVITE_DATABASE", 16);
+define("INVITE_USEREXISTS", 17);
diff --git a/www/functions/func_invite.php b/www/functions/func_invite.php
index ad87a21..b37ea09 100755
--- a/www/functions/func_invite.php
+++ b/www/functions/func_invite.php
@@ -15,6 +15,13 @@ function invite($db){
return INVITE_INVITES;
}
+ $email_db = $db->query("Select 1 FROM user WHERE email='" . $safe_email . "';");
+ $email_ar = $email_db->fetchArray(SQLITE3_NUM);
+
+ if($email_ar[0] == 1){
+ return INVITE_USEREXISTS;
+ }
+
/*Generates the invite key => [-_0-9a-zA-Z]{11}*/
$key_array = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "_", "-", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9" );
diff --git a/www/functions/func_register.php b/www/functions/func_register.php
index b089e24..bafdbad 100755
--- a/www/functions/func_register.php
+++ b/www/functions/func_register.php
@@ -21,19 +21,21 @@ function register($db){
/*Checks the validation of the registration attempt*/
- $test_status_db = $db->query("SELECT status FROM user WHERE email='" . $safe_email . "';");
- $test_status_ar = $test_status_db->fetchArray(SQLITE3_NUM);
- $test_status_int = $test_status_ar[0];
+ $test_db = $db->query("SELECT 1,key,status FROM user WHERE email='" . $safe_email . "';");
+ $test_ar = $test_status_db->fetchArray(SQLITE3_NUM);
+ $test_email = $test_ar[0];
+ $test_key = $test_ar[1];
+ $test_status_int = $test_ar[2];
+
+ if($test_email != 1){
+ return REGISTER_INVITE;
+ }
- if (empty($test_status_ar) || $test_status_int != 0){
+ if($test_status_int != 0){
return REGISTER_PROHIBITED;
}
- $test_key_db = $db->query("SELECT key FROM user WHERE email='" . $safe_email . "';");
- $test_key_ar = $test_key_db->fetchArray(SQLITE3_NUM);
- $test_key = $test_key_ar[0];
-
- if ($test_key != $_POST["key"] || $test_key == ""){
+ if($test_key != $_POST["key"] || $test_key == ""){
return REGISTER_INVITEKEY;
}