1 files changed, 18 insertions, 5 deletions

diff --git a/class/user.php b/class/user.php
index 6e4d594..9cecf43 100644
--- a/class/user.php
+++ b/class/user.php
@@ -106,6 +106,8 @@ class jg {
 		$_SESSION["userid"] = $this->getUserId();
 		$_SESSION["username"] = $this->username;
 
+		$_SESSION["new_login"] = 1;
+
 		return true;
 	}
 
@@ -149,9 +151,20 @@ class jg {
 		return true;
 	}
 
-	public function loginByEmail($name, $hash, $redis) {
-		if( $redis->getValue(strtolower($name)) == $hash ) {
-			return $this->login($name, null, true);
+	public function loginByEmail($email, $hash, $redis) {
+		if( $redis->getValue(strtolower($email)) == $hash ) {
+			global $db;
+			$sql = $db->prepare("SELECT * FROM " . DBPREFIX . "member WHERE email=%s;", $email);
+			$db_db = $db->doQuery($sql);
+			if ( is_bool($db_db) )
+				return false;
+			else
+				$this->query = $db_db->fetch_array(MYSQLI_ASSOC);
+
+			$this->username = $this->getUser();
+
+			$redis->delete( strtolower($email) );
+			return $this->login($this->username, null, true);
 		} else {
 			return false;
 		}
@@ -160,14 +173,14 @@ class jg {
 	public function setHash($email, $redis) {
 		global $db;
 
-		$sql = $db->prepare("SELECT * FROM " . DBPREFIX . "user WHERE email=%s;", $email);
+		$sql = $db->prepare("SELECT * FROM " . DBPREFIX . "member WHERE email=%s;", $email);
 		$db_db = $db->doQuery($sql);
 		if ( is_bool($db_db) )
 			return false;
 		else
 			$this->query = $db_db->fetch_array(MYSQLI_ASSOC);
 
-		if ( $this->getEmail == $email) {
+		if ( strtolower($this->getEmail()) == strtolower($email)) {
 			// See here: https://stackoverflow.com/questions/19017694/one-line-php-random-string-generator?answertab=active#tab-top
 			$hash = chr( mt_rand( 97 ,122 ) ) .substr( md5( time( ) ) ,1 );
 			$redis->setKey(strtolower($email), $hash, 86400);