diff options
Diffstat (limited to 'www')
| -rw-r--r-- | www/constants.php | 6 | ||||
| -rwxr-xr-x | www/functions/func_invite.php | 7 | ||||
| -rwxr-xr-x | www/functions/func_register.php | 20 |
3 files changed, 22 insertions, 11 deletions
diff --git a/www/constants.php b/www/constants.php index 9935e1c..d8f3229 100644 --- a/www/constants.php +++ b/www/constants.php @@ -13,9 +13,11 @@ define("REGISTER_PASSWORD", 7); define("REGISTER_EMAIL", 8); define("REGISTER_DATABASE", 9); define("REGISTER_PROHIBITED", 10); -define("REGISTER_INVITEKEY", 12); -define("REGISTER_USERNANE", 13); +define("REGISTER_INVITEKEY", 11); +define("REGISTER_USERNANE", 12); +define("REGISTER_INVITE", 13); define("INVITE_SUCCESSFULL", 14); define("INVITE_INVITES", 15); define("INVITE_DATABASE", 16); +define("INVITE_USEREXISTS", 17); diff --git a/www/functions/func_invite.php b/www/functions/func_invite.php index ad87a21..b37ea09 100755 --- a/www/functions/func_invite.php +++ b/www/functions/func_invite.php @@ -15,6 +15,13 @@ function invite($db){ return INVITE_INVITES; } + $email_db = $db->query("Select 1 FROM user WHERE email='" . $safe_email . "';"); + $email_ar = $email_db->fetchArray(SQLITE3_NUM); + + if($email_ar[0] == 1){ + return INVITE_USEREXISTS; + } + /*Generates the invite key => [-_0-9a-zA-Z]{11}*/ $key_array = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "_", "-", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9" ); diff --git a/www/functions/func_register.php b/www/functions/func_register.php index b089e24..bafdbad 100755 --- a/www/functions/func_register.php +++ b/www/functions/func_register.php @@ -21,19 +21,21 @@ function register($db){ /*Checks the validation of the registration attempt*/ - $test_status_db = $db->query("SELECT status FROM user WHERE email='" . $safe_email . "';"); - $test_status_ar = $test_status_db->fetchArray(SQLITE3_NUM); - $test_status_int = $test_status_ar[0]; + $test_db = $db->query("SELECT 1,key,status FROM user WHERE email='" . $safe_email . "';"); + $test_ar = $test_status_db->fetchArray(SQLITE3_NUM); + $test_email = $test_ar[0]; + $test_key = $test_ar[1]; + $test_status_int = $test_ar[2]; + + if($test_email != 1){ + return REGISTER_INVITE; + } - if (empty($test_status_ar) || $test_status_int != 0){ + if($test_status_int != 0){ return REGISTER_PROHIBITED; } - $test_key_db = $db->query("SELECT key FROM user WHERE email='" . $safe_email . "';"); - $test_key_ar = $test_key_db->fetchArray(SQLITE3_NUM); - $test_key = $test_key_ar[0]; - - if ($test_key != $_POST["key"] || $test_key == ""){ + if($test_key != $_POST["key"] || $test_key == ""){ return REGISTER_INVITEKEY; } |