ulysia/szurubooru
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixed (very unlikely) activation links collisions

Browse source
This commit is contained in:
Marcin Kurczewski 2013-10-05 17:10:18 +02:00
parent 3a77bb7c59
commit a1f73d008d
1 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
src/Controllers/AuthController.php
View file

@ -130,12 +130,20 @@ class AuthController extends AbstractController
$dbUser->email = $suppliedEmail;
$dbUser->admin_confirmed = $adminActivation ? false : true;
$dbUser->email_confirmed = $emailActivation ? false : true;
$dbUser->email_token = md5(mt_rand() . uniqid());
$dbUser->access_rank = R::findOne('user') === null ? AccessRank::Admin : AccessRank::Registered;
//prepare unique registration token
do
{
$emailToken = md5(mt_rand() . uniqid());
}
while (R::findOne('user', 'email_token = ?', [$emailToken]) !== null);
$dbUser->email_token = $emailToken;
//send the e-mail
if ($emailActivation)
{
$tokens = [];
$tokens['host'] = $_SERVER['HTTP_HOST'];
$tokens['link'] = \Chibi\UrlHelper::route('auth', 'activation', ['token' => $dbUser->email_token]);