Jeff Zaroyko : change the registration process to email a random password due to recent abuse
Chris Morgan
cmorgan at winehq.org
Sun Jun 15 22:07:52 CDT 2008
Module: appdb
Branch: master
Commit: 7b26438a583b5d9559bd67e22511ff67812feadb
URL: http://source.winehq.org/git/appdb.git/?a=commit;h=7b26438a583b5d9559bd67e22511ff67812feadb
Author: Jeff Zaroyko <jeffzaroyko at gmail.com>
Date: Mon Jun 16 12:57:55 2008 +1000
change the registration process to email a random password due to recent abuse
---
account.php | 20 ++++----------------
include/form_new.php | 8 --------
include/user.php | 1 +
3 files changed, 5 insertions(+), 24 deletions(-)
diff --git a/account.php b/account.php
index 3538b75..1ecff46 100644
--- a/account.php
+++ b/account.php
@@ -96,16 +96,6 @@ function cmd_do_new()
retry("new", "Invalid email address");
return;
}
- if(strlen($aClean['sUserPassword']) < 5)
- {
- retry("new", "Password must be at least 5 characters");
- return;
- }
- if($aClean['sUserPassword'] != $aClean['sUserPassword2'])
- {
- retry("new", "Passwords don't match");
- return;
- }
if(empty($aClean['sUserRealname']))
{
retry("new", "You don't have a Real name?");
@@ -113,16 +103,14 @@ function cmd_do_new()
}
$oUser = new User();
-
- $iResult = $oUser->create($aClean['sUserEmail'], $aClean['sUserPassword'],
+ $sPassword = substr(base_convert(rand(0, PHP_INT_MAX),10, 36), 0, 9);
+ $iResult = $oUser->create($aClean['sUserEmail'], $sPassword,
$aClean['sUserRealname'], $aClean['sWineRelease'] );
if($iResult == SUCCESS)
{
- /* if we can log the user in, log them in automatically */
- $oUser->login($aClean['sUserEmail'], $aClean['sUserPassword']);
-
- addmsg("Account created! (".$aClean['sUserEmail'].")", "green");
+ mail_appdb($oUser->sEmail, "New account", "Your password is ".$sPassword);
+ addmsg("Account created! Check your email for your password. (".$aClean['sUserEmail'].")", "green");
util_redirect_and_exit(apidb_fullurl());
}
else if($iResult == USER_CREATE_EXISTS)
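Review bot: The emailed password built on the `$sPassword = substr(base_convert(rand(0, PHP_INT_MAX),10, 36), 0, 9);` line comes from `rand()`, which is not a cryptographically secure generator, and a single integer draw caps the entropy at the integer width (about 31 bits, roughly six base-36 characters, on a 32-bit build), so the credential is both short and predictable. It should be drawn from a CSPRNG instead, for example `$sPassword = bin2hex(random_bytes(8));` where the PHP version provides `random_bytes()`, or an equivalent read from the OS random source on older versions. Whatever `mail_appdb()` reports on failure is also not checked in the lines shown, so a failed send would still display "Account created!" and leave an account whose password nobody received. cmd_do_new() starts and ends outside the hunk.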
diff --git a/include/form_new.php b/include/form_new.php
index 62c3e8d..560b4bd 100644
--- a/include/form_new.php
+++ b/include/form_new.php
@@ -17,14 +17,6 @@ echo html_frame_start("Create New Application DB Account","400","",0)
<td class=color0> <input type="text" name="sUserEmail" value='<?php if(!empty($aClean['sUserEmail'])) echo $aClean['sUserEmail']?>'> </td>
</tr>
<tr>
- <td class=color1> Password </td>
- <td class=color0> <input type="password" name="sUserPassword"> </td>
- </tr>
- <tr>
- <td class=color1> Password (again) </td>
- <td class=color0> <input type="password" name="sUserPassword2"> </td>
- </tr>
- <tr>
<td class=color1> Real Name </td>
<td class=color0> <input type="text" name="sUserRealname" value='<?php if(!empty($aClean['sUserRealname'])) echo $aClean['sUserRealname']?>'> </td>
</tr>
diff --git a/include/user.php b/include/user.php
index af15196..20c6b1b 100644
--- a/include/user.php
+++ b/include/user.php
@@ -173,6 +173,7 @@ class User {
$retval = $this->login($sEmail, $sPassword);
if($retval == SUCCESS)
$this->setPref("comments:mode", "threaded"); /* set the users default comments:mode to threaded */
+ $this->logout();
return $retval;
}
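Review bot: The added `$this->logout();` sits directly after a brace-less `if($retval == SUCCESS)`, so it runs unconditionally, including when the login just failed, and nothing in the hunk says why the method logs in and immediately out again. Bracing the `if` and adding a comment such as `/* log in only to set the default preference, then end the session so the account is usable only with the emailed password */` would make the intent explicit; that reading is inferred from the commit message and should be confirmed. If this method can be reached while some other session state is active, the effect of the logout on that state is worth checking as well. The enclosing method starts outside the hunk.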