X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=inline;f=inc%2Fmodules%2Fguest%2Fwhat-register.php;h=c38e2e5bb5676d069c12a2f56a91a9c81e320308;hb=fc7f4d7fd71c718503c2af305276f5a374ae24da;hp=cec98b6c1d7aaadb2468aa64a3803c02afaf593c;hpb=aa106991e88b0dab33bf2a2d2409638e26a4c656;p=mailer.git diff --git a/inc/modules/guest/what-register.php b/inc/modules/guest/what-register.php index cec98b6c1d..c38e2e5bb5 100644 --- a/inc/modules/guest/what-register.php +++ b/inc/modules/guest/what-register.php @@ -173,17 +173,21 @@ if (isset($_POST['ok'])) { SQL_FREERESULT($result); } -if ((isset($_POST['ok'])) && (!$FAILED)) -{ - // Save the registration +if ((isset($_POST['ok'])) && (!$FAILED)) { + // Prepapre month and day of birth if (strlen($_POST['day']) == 1) $_POST['day'] = "0".$_POST['day']; if (strlen($_POST['month']) == 1) $_POST['month'] = "0".$_POST['month']; - // Get total users - $totalUsers = GET_TOTAL_DATA("CONFIRMED", "user_data", "userid", "status", true); + // Get total ... + // ... confirmed, ... + $confirmedUsers = GET_TOTAL_DATA("CONFIRMED", "user_data", "userid", "status", true); + // ... unconfirmed ... + $unconfirmedUsers = GET_TOTAL_DATA("UNCONFIRMED", "user_data", "userid", "status", true); + // ... and locked users! + $lockedUsers = GET_TOTAL_DATA("LOCKED", "user_data", "userid", "status", true); - // Hash = MM-DD-YYYY:IP:USER_AGENT:TIMEMARK - $hash = generateHash(sha1($totalUsers.":".$_POST['month']."-".$_POST['day']."-".$_POST['year'].":".getenv('SERVER_NAME').":".GET_REMOTE_ADDR().":".GET_USER_AGENT()."-".time())."/".RAND_NUMBER); + // Generate hash which will be inserted into confirmation mail + $hash = generateHash(sha1($confirmedUsers.":".$unconfirmedUsers.":".$lockedUsers.":".$_POST['month']."-".$_POST['day']."-".$_POST['year'].":".getenv('SERVER_NAME').":".GET_REMOTE_ADDR().":".GET_USER_AGENT()."/".SITE_KEY."/".DATE_KEY."/".RAND_NUMBER)); // Add design when extension sql_patches is v0.2.7 or greater $ADD1 = ""; $ADD2 = ""; @@ -221,7 +225,7 @@ if ((isset($_POST['ok'])) && (!$FAILED)) } else { // Old way with enterable two-char-code $countryRow = "country"; - $countryData = addslashes(substr($_POST['cntry'], 0, 2)); + $countryData = substr($_POST['cntry'], 0, 2); } ////////////////////////////// @@ -232,14 +236,14 @@ if ((isset($_POST['ok'])) && (!$FAILED)) VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONFIRMED','%s','%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()".$ADD2.")", array( $countryRow, - SQL_ESCAPE(substr($_POST['gender'], 0, 1)), - SQL_ESCAPE($_POST['surname']), - SQL_ESCAPE($_POST['family_name']), - SQL_ESCAPE($_POST['street_nr']), + substr($_POST['gender'], 0, 1), + $_POST['surname'], + $_POST['family_name'], + $_POST['street_nr'], $countryData, bigintval($_POST['zip']), - SQL_ESCAPE($_POST['city']), - SQL_ESCAPE($_POST['addy']), + $_POST['city'], + $_POST['addy'], bigintval($_POST['day']), bigintval($_POST['month']), bigintval($_POST['year']),