diff options
| author | Horus3 | 2014-03-16 22:26:19 +0100 |
|---|---|---|
| committer | Horus3 | 2014-03-16 22:26:19 +0100 |
| commit | 3cbe01ea7df2f628e767b7b00e7c1612062c05ab (patch) | |
| tree | f5e65b4d34f0ad683b531034758e87b66d0b0f32 /www/functions/func_register.php | |
| parent | 0665ea1e03f2bbb269e33ab78e4271eabe8f6442 (diff) | |
| download | files.iamfabulous.de-3cbe01ea7df2f628e767b7b00e7c1612062c05ab.tar.gz | |
Checks if user really invited.
Diffstat (limited to 'www/functions/func_register.php')
| -rwxr-xr-x | www/functions/func_register.php | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/www/functions/func_register.php b/www/functions/func_register.php index b089e24..bafdbad 100755 --- a/www/functions/func_register.php +++ b/www/functions/func_register.php @@ -21,19 +21,21 @@ function register($db){ /*Checks the validation of the registration attempt*/ - $test_status_db = $db->query("SELECT status FROM user WHERE email='" . $safe_email . "';"); - $test_status_ar = $test_status_db->fetchArray(SQLITE3_NUM); - $test_status_int = $test_status_ar[0]; + $test_db = $db->query("SELECT 1,key,status FROM user WHERE email='" . $safe_email . "';"); + $test_ar = $test_status_db->fetchArray(SQLITE3_NUM); + $test_email = $test_ar[0]; + $test_key = $test_ar[1]; + $test_status_int = $test_ar[2]; + + if($test_email != 1){ + return REGISTER_INVITE; + } - if (empty($test_status_ar) || $test_status_int != 0){ + if($test_status_int != 0){ return REGISTER_PROHIBITED; } - $test_key_db = $db->query("SELECT key FROM user WHERE email='" . $safe_email . "';"); - $test_key_ar = $test_key_db->fetchArray(SQLITE3_NUM); - $test_key = $test_key_ar[0]; - - if ($test_key != $_POST["key"] || $test_key == ""){ + if($test_key != $_POST["key"] || $test_key == ""){ return REGISTER_INVITEKEY; } |