danwin1210/hosting
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Structure changes for future features

Browse Source
This commit is contained in:
Daniel Winzen
2018-10-20 18:20:27 +02:00
parent 96efd92ab1
commit 2cee59dc6f
47 changed files with 186 additions and 355 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
var/www/html/login.php
View File

@ -22,18 +22,18 @@ if($_SERVER['REQUEST_METHOD']==='POST'){
$msg.='<p style="color:red;">Error: username may not be empty.</p>';
$ok=false;
}else{
$stmt=$db->prepare('SELECT username, password, onion FROM users WHERE username=?;');
$stmt=$db->prepare('SELECT username, password, id FROM users WHERE username=?;');
$stmt->execute([$_POST['username']]);
$tmp=[];
if(($tmp=$stmt->fetch(PDO::FETCH_NUM))===false && preg_match('/^([2-7a-z]{16}).onion$/', $_POST['username'], $match)){
$stmt=$db->prepare('SELECT username, password, onion FROM users WHERE onion=?;');
$stmt=$db->prepare('SELECT users.username, users.password, users.id FROM users INNER JOIN onions ON (onions.user_id=users.id) WHERE onions.onion=?;');
$stmt->execute([$match[1]]);
$tmp=$stmt->fetch(PDO::FETCH_NUM);
}
if($tmp){
$username=$tmp[0];
$password=$tmp[1];
$stmt=$db->prepare('SELECT new_account.approved FROM new_account INNER JOIN users ON (users.id=new_account.user_id) WHERE users.onion=?;');
$stmt=$db->prepare('SELECT new_account.approved FROM new_account INNER JOIN users ON (users.id=new_account.user_id) WHERE users.id=?;');
$stmt->execute([$tmp[2]]);
if($tmp=$stmt->fetch(PDO::FETCH_NUM)){
if(REQUIRE_APPROVAL && !$tmp[0]){