Module: appdb Branch: master Commit: 7b26438a583b5d9559bd67e22511ff67812feadb URL: http://source.winehq.org/git/appdb.git/?a=commit;h=7b26438a583b5d9559bd67e22...

Author: Jeff Zaroyko jeffzaroyko@gmail.com Date: Mon Jun 16 12:57:55 2008 +1000

change the registration process to email a random password due to recent abuse

---

account.php | 20 ++++---------------- include/form_new.php | 8 -------- include/user.php | 1 + 3 files changed, 5 insertions(+), 24 deletions(-)

diff --git a/account.php b/account.php index 3538b75..1ecff46 100644 --- a/account.php +++ b/account.php @@ -96,16 +96,6 @@ function cmd_do_new() retry("new", "Invalid email address"); return; } - if(strlen($aClean['sUserPassword']) < 5) - { - retry("new", "Password must be at least 5 characters"); - return; - } - if($aClean['sUserPassword'] != $aClean['sUserPassword2']) - { - retry("new", "Passwords don't match"); - return; - } if(empty($aClean['sUserRealname'])) { retry("new", "You don't have a Real name?"); @@ -113,16 +103,14 @@ function cmd_do_new() }

$oUser = new User(); - - $iResult = $oUser->create($aClean['sUserEmail'], $aClean['sUserPassword'], + $sPassword = substr(base_convert(rand(0, PHP_INT_MAX),10, 36), 0, 9); + $iResult = $oUser->create($aClean['sUserEmail'], $sPassword, $aClean['sUserRealname'], $aClean['sWineRelease'] );

if($iResult == SUCCESS) { - /* if we can log the user in, log them in automatically */ - $oUser->login($aClean['sUserEmail'], $aClean['sUserPassword']); - - addmsg("Account created! (".$aClean['sUserEmail'].")", "green"); + mail_appdb($oUser->sEmail, "New account", "Your password is ".$sPassword); + addmsg("Account created! Check your email for your password. (".$aClean['sUserEmail'].")", "green"); util_redirect_and_exit(apidb_fullurl()); } else if($iResult == USER_CREATE_EXISTS) diff --git a/include/form_new.php b/include/form_new.php index 62c3e8d..560b4bd 100644 --- a/include/form_new.php +++ b/include/form_new.php @@ -17,14 +17,6 @@ echo html_frame_start("Create New Application DB Account","400","",0) <td class=color0> <input type="text" name="sUserEmail" value='<?php if(!empty($aClean['sUserEmail'])) echo $aClean['sUserEmail']?>'> </td> </tr> <tr> - <td class=color1> Password </td> - <td class=color0> <input type="password" name="sUserPassword"> </td> - </tr> - <tr> - <td class=color1> Password (again) </td> - <td class=color0> <input type="password" name="sUserPassword2"> </td> - </tr> - <tr> <td class=color1> Real Name </td> <td class=color0> <input type="text" name="sUserRealname" value='<?php if(!empty($aClean['sUserRealname'])) echo $aClean['sUserRealname']?>'> </td> </tr> diff --git a/include/user.php b/include/user.php index af15196..20c6b1b 100644 --- a/include/user.php +++ b/include/user.php @@ -173,6 +173,7 @@ class User { $retval = $this->login($sEmail, $sPassword); if($retval == SUCCESS) $this->setPref("comments:mode", "threaded"); /* set the users default comments:mode to threaded */ + $this->logout();

return $retval; }