Image board engine, Danbooru-style.
Find a file
Marcin Kurczewski 3e1aaebf89 Fixed account activation for first user
Until now, AuthService used to check for empty e-mail in order to tell
whether an account is activated. This was wrong for following scenario:

1. User doesn't enter any e-mail.
2. Because he is about to become the first user to register, he will
   become an administrator.
3. Administrators don't need to confirm their e-mail address. Activation
   e-mail is not sent, code for e-mail activation is run instead.
4. The user succeeds to create an e-mail-less administrator account.
5. The user fails to login due to unconfirmed e-mail.
6. The code that activates an e-mail just moves unconfirmed e-mail to
   primary e-mail. That was the bug, there's no e-mail to confirm.

Things got (hopefully) simpler now, since I added separate column for
indicating whether account is activated.
2014-10-18 18:48:22 +02:00
data Switched to sqlite (closed #38) 2014-10-18 18:48:21 +02:00
public_html Fixed vendor autoloader placement 2014-10-18 18:48:21 +02:00
src Fixed account activation for first user 2014-10-18 18:48:22 +02:00
tests Fixed account activation for first user 2014-10-18 18:48:22 +02:00
.gitignore Added style checkers and build tasks 2014-10-18 18:48:19 +02:00
composer.json Switched to sqlite (closed #38) 2014-10-18 18:48:21 +02:00
gruntfile.js Switched to sqlite (closed #38) 2014-10-18 18:48:21 +02:00
LICENSE Removed unneeded file; added license 2014-10-18 18:48:11 +02:00
package.json Changed minification engine (closed #4) 2014-10-18 18:48:20 +02:00
phpcheckstyle.cfg Turned on notifications about unused variables 2014-10-18 18:48:21 +02:00
upgrade.php Fixed vendor autoloader placement 2014-10-18 18:48:21 +02:00