lopar/battles
lopar/battles
0
0
Fork 0
Code Issues 21 Pull Requests Releases Wiki Activity

Не отрабатывает проверка на незаполненность. На один запрос меньше при неверном логине.

Browse Source
This commit is contained in:
lopar 2020-08-27 20:20:31 +03:00
parent 588f189f89
commit 75a1eb0c9b
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
rememberpassword.php
View File

@ -22,10 +22,10 @@ function mail_send($to, $from_user, $from_email, $subject = '(No subject)', $mes
$login = filter_input(INPUT_POST, 'loginid', FILTER_SANITIZE_SPECIAL_CHARS); $login = filter_input(INPUT_POST, 'loginid', FILTER_SANITIZE_SPECIAL_CHARS);
if ($login) { if ($login) {
$recovery = db::c()->query('SELECT 1 FROM users_recovery WHERE login = "?s"', $login)->getNumRows() ?? 0; $loginCheck = db::c()->query('SELECT email FROM users WHERE login = "?s"', $login)->fetch_assoc();
if ($recovery) { if ($loginCheck) {
$sql = db::c()->query('SELECT email FROM users WHERE login = "?s"', $login)->fetch_assoc(); $recovery = db::c()->query('SELECT 1 FROM users_recovery WHERE login = "?s"', $login)->getNumRows() ?? 0;
if ($sql) { if (!$recovery) {
$hash = bin2hex(random_bytes(8)); $hash = bin2hex(random_bytes(8));
$lasttime = date('Y-m-d', strtotime('+1days')); $lasttime = date('Y-m-d', strtotime('+1days'));
$ip = $_SERVER['REMOTE_ADDR']; $ip = $_SERVER['REMOTE_ADDR'];
@ -42,10 +42,10 @@ if ($login) {
$statusMessage = ERROR_MAIL_NOT_SENT; $statusMessage = ERROR_MAIL_NOT_SENT;
} }
} else { } else {
$statusMessage = ERROR_NO_SUCH_USER; $statusMessage = ERROR_TOO_MANY_TRIES;
} }
} else { } else {
$statusMessage = ERROR_TOO_MANY_TRIES; $statusMessage = ERROR_NO_SUCH_USER;
} }
} }