summaryrefslogtreecommitdiff
path: root/www/functions
diff options
context:
space:
mode:
Diffstat (limited to 'www/functions')
-rwxr-xr-xwww/functions/func_invite.php90
-rwxr-xr-xwww/functions/func_login.php10
-rwxr-xr-xwww/functions/func_register.php10
3 files changed, 48 insertions, 62 deletions
diff --git a/www/functions/func_invite.php b/www/functions/func_invite.php
index 79dec36..ad87a21 100755
--- a/www/functions/func_invite.php
+++ b/www/functions/func_invite.php
@@ -1,68 +1,54 @@
<?php
function invite($db){
- if($_SERVER['REQUEST_METHOD'] == 'POST') {
- if(!$_SESSION["login"]){
- header("Refresh: 0; /login");
- return false;
- }
+ $name=$_SESSION["username"];
+ $safe_name = SQLite3::escapeString("$name");
- $name=$_SESSION["username"];
- $safe_name = SQLite3::escapeString("$name");
+ $email=$_POST["email"];
+ $safe_email=SQLite3::escapeString("$email");
- $email=$_POST["email"];
- $safe_email=SQLite3::escapeString("$email");
+ $invite_db = $db->query("SELECT invites FROM user WHERE name='" . $safe_name . "';");
+ $invite_ar = $invite_db->fetchArray(SQLITE3_NUM);
+ $invite = $invite_ar[0];
- $invite_db = $db->query("SELECT invites FROM user WHERE name='" . $safe_name . "';");
- $invite_ar = $invite_db->fetchArray(SQLITE3_NUM);
- $invite = $invite_ar[0];
-
- if($invite > 0){
+ if($invite <= 0){
+ return INVITE_INVITES;
+ }
/*Generates the invite key => [-_0-9a-zA-Z]{11}*/
- $key_array = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "_", "-", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9" );
+ $key_array = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "_", "-", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9" );
- $length = count($key_array);
- $key = "";
+ $length = count($key_array);
+ $key = "";
- for ($i=0;$i<11;$i++){
- $index = mt_rand(0,$length-1);
- $key = "$key".$key_array[$index];
- }
+ for ($i=0;$i<11;$i++){
+ $index = mt_rand(0,$length-1);
+ $key = "$key".$key_array[$index];
+ }
- $id_db = $db->query("SELECT id FROM USER WHERE name=' " . $safe_name . "';");
- $id_ar = $id_db->fetchArray(SQLITE3_NUM);
- $id = $id_ar[0];
+ $id_db = $db->query("SELECT id FROM USER WHERE name=' " . $safe_name . "';");
+ $id_ar = $id_db->fetchArray(SQLITE3_NUM);
+ $id = $id_ar[0];
/*Generates the new user and decrease the invites*/
- $invite = $invite - 1;
-
- if($db->exec("
- BEGIN TRANSACTION;
- INSERT INTO user (id, name, email, senpai, key, status) VALUES (NULL, NULL, '" . $safe_email . "', '" . $id . "', '" . $key . "', 0);
- UPDATE user SET invites='" . $invite . "' WHERE id='" . $id . "';
- COMMIT;")
- ){
- $subject="Welcome, you were invited to the new virtual filesystem.\nYour key is" . $key . "\nVisit files.iamfabulous.de/register to complete your registration.";
-
- mail($email, "Invite", $subject, "From: mail@iamfabulous.de");
-
- header("Refresh: 0; /invite?reason=success&key=" . $key);
- return true;
-
- } else {
- header("Refresh: 0; /invite?reason=database");
- return false;
- }
-
- } else {
- header("Refresh: 0; /invite?reason=invites");
- return false;
- }
- } else {
- include("invite.php");
- return false;
- }
+ $invite = $invite - 1;
+
+ if($db->exec("
+ BEGIN TRANSACTION;
+ INSERT INTO user (id, name, email, senpai, key, status) VALUES (NULL, NULL, '" . $safe_email . "', '" . $id . "', '" . $key . "', 0);
+ UPDATE user SET invites='" . $invite . "' WHERE id='" . $id . "';
+ COMMIT;")
+ ){
+
+ $subject="Welcome, you were invited to the new virtual filesystem.\nYour key is" . $key . "\nVisit files.iamfabulous.de/register to complete your registration.";
+
+ mail($email, "Invite", $subject, "From: mail@iamfabulous.de");
+
+ return INVITE_SUCCESSFULL;
+
+ } else {
+ return INVITE_DATABASE;
+ }
}
diff --git a/www/functions/func_login.php b/www/functions/func_login.php
index a09b198..5a3dbc9 100755
--- a/www/functions/func_login.php
+++ b/www/functions/func_login.php
@@ -18,7 +18,7 @@ function login($db){
/*___Login___*/
if (!password_verify($password, $real_password)) {
- return "failure";
+ return LOGIN_PASSWORD;
}
if($db->exec("
@@ -33,17 +33,17 @@ function login($db){
$_SESSION["username"] = $username;
$_SESSION["userid"] = $id;
- return "success";
+ return LOGIN_SUCCESSFULL;
} else {
- return "database";
+ return LOGIN_DATABASE;
}
}
function logout(){
if(session_destroy()){
- return "logout";
+ return LOGOUT_SUCCESSFULL;
} else {
- return false;
+ return LOGOUT_FAILURE;
}
}
diff --git a/www/functions/func_register.php b/www/functions/func_register.php
index 0555470..252467b 100755
--- a/www/functions/func_register.php
+++ b/www/functions/func_register.php
@@ -9,11 +9,11 @@ function register($db){
/* checking for empty password etc. */
if(($cleartext_password != $second_password) || !isset($_POST["pswd"]) || !isset($_POST["2ndpswd"]) || $cleartext_password == "" || empty($_POST["pswd"]) || empty($_POST["2ndpswd"])){
- return "password";
+ return REGISTER_PASSWORD;
}
if(!preg_match("/[^.+@.+]/", $email)){
- return "encoding";
+ return REGISTER_EMAIL;
}
$safe_name = SQLite3::escapeString("$name");
@@ -30,7 +30,7 @@ function register($db){
$test_key = $test_key_ar[0];
if (empty($test_status_ar) || $test_status_int != 0 || $test_key != $_POST["key"] || $test_key == ""){
- return "prohibited";
+ return REGISTER_PROHOBITED;
}
$id_db = $db->query("SELECT id FROM user WHERE email='" . $safe_email . "';");
@@ -57,10 +57,10 @@ function register($db){
$_SESSION["username"] = $name;
$_SESSION["userid"] = $userid;
- return "success";
+ return REGISTER_SUCCESSFULL;
} else {
- return "database";
+ return REGISTER_DATABASE;
}
}