diff options
| author | Horus3 | 2014-03-16 22:26:19 +0100 |
|---|---|---|
| committer | Horus3 | 2014-03-16 22:26:19 +0100 |
| commit | 3cbe01ea7df2f628e767b7b00e7c1612062c05ab (patch) | |
| tree | f5e65b4d34f0ad683b531034758e87b66d0b0f32 /www/functions | |
| parent | 0665ea1e03f2bbb269e33ab78e4271eabe8f6442 (diff) | |
| download | files.iamfabulous.de-3cbe01ea7df2f628e767b7b00e7c1612062c05ab.tar.gz | |
Checks if user really invited.
Diffstat (limited to 'www/functions')
| -rwxr-xr-x | www/functions/func_invite.php | 7 | ||||
| -rwxr-xr-x | www/functions/func_register.php | 20 |
2 files changed, 18 insertions, 9 deletions
diff --git a/www/functions/func_invite.php b/www/functions/func_invite.php index ad87a21..b37ea09 100755 --- a/www/functions/func_invite.php +++ b/www/functions/func_invite.php @@ -15,6 +15,13 @@ function invite($db){ return INVITE_INVITES; } + $email_db = $db->query("Select 1 FROM user WHERE email='" . $safe_email . "';"); + $email_ar = $email_db->fetchArray(SQLITE3_NUM); + + if($email_ar[0] == 1){ + return INVITE_USEREXISTS; + } + /*Generates the invite key => [-_0-9a-zA-Z]{11}*/ $key_array = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "_", "-", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9" ); diff --git a/www/functions/func_register.php b/www/functions/func_register.php index b089e24..bafdbad 100755 --- a/www/functions/func_register.php +++ b/www/functions/func_register.php @@ -21,19 +21,21 @@ function register($db){ /*Checks the validation of the registration attempt*/ - $test_status_db = $db->query("SELECT status FROM user WHERE email='" . $safe_email . "';"); - $test_status_ar = $test_status_db->fetchArray(SQLITE3_NUM); - $test_status_int = $test_status_ar[0]; + $test_db = $db->query("SELECT 1,key,status FROM user WHERE email='" . $safe_email . "';"); + $test_ar = $test_status_db->fetchArray(SQLITE3_NUM); + $test_email = $test_ar[0]; + $test_key = $test_ar[1]; + $test_status_int = $test_ar[2]; + + if($test_email != 1){ + return REGISTER_INVITE; + } - if (empty($test_status_ar) || $test_status_int != 0){ + if($test_status_int != 0){ return REGISTER_PROHIBITED; } - $test_key_db = $db->query("SELECT key FROM user WHERE email='" . $safe_email . "';"); - $test_key_ar = $test_key_db->fetchArray(SQLITE3_NUM); - $test_key = $test_key_ar[0]; - - if ($test_key != $_POST["key"] || $test_key == ""){ + if($test_key != $_POST["key"] || $test_key == ""){ return REGISTER_INVITEKEY; } |