Possible fix and rewrite for ticket #128

diff --git a/inc/modules/guest/what-register.php b/inc/modules/guest/what-register.php
index 24000305668717e8bd7caa906f473c97045eb63e..5b37fad630685705c04cf23ef8fdbac35bc7bbbc 100644 (file)
--- a/inc/modules/guest/what-register.php
+++ b/inc/modules/guest/what-register.php
@@ -51,7 +51,10 @@ ADD_DESCR('guest', __FILE__);
 global $DATA;
 
 // Initialize variables
 global $DATA;
 
 // Initialize variables

-$isFailed = false; $SHORT_PASS = false; $cats = 0; $IP_TIMEOUT = false;
+$isFailed   = false;
+$shortPass = false;
+$cats       = 0;
+$ipTimedOut = false;

 
 if (!isFormSent()) REQUEST_UNSET_POST('ok');
 
 
 if (!isFormSent()) REQUEST_UNSET_POST('ok');
 


@@ -133,7 +136,7 @@ if (isFormSent()) {
 
        // Is the password long enouth?
        if ((strlen(REQUEST_POST('pass1')) < getConfig('pass_len')) && ($isFailed === false)) {
 
        // Is the password long enouth?
        if ((strlen(REQUEST_POST('pass1')) < getConfig('pass_len')) && ($isFailed === false)) {

-               $SHORT_PASS = true;
+               $shortPass = true;

                $isFailed = true;
        } // END - if
 
                $isFailed = true;
        } // END - if
 


@@ -167,7 +170,7 @@ if (isFormSent()) {
                if (SQL_NUMROWS($result) == 1) {
                        // Same IP in timeout range and different email address entered... Eat this, faker! ;-)
                        // But admins are allowed to fake their own exchange service.
                if (SQL_NUMROWS($result) == 1) {
                        // Same IP in timeout range and different email address entered... Eat this, faker! ;-)
                        // But admins are allowed to fake their own exchange service.

-                       $IP_TIMEOUT = true;
+                       $ipTimedOut = true;

                        $isFailed = true;
                } // END - if
        } // END - if
                        $isFailed = true;
                } // END - if
        } // END - if


@@ -183,18 +186,19 @@ if ((isFormSent()) && (($isFailed === false) || (IS_ADMIN()))) {
 
        // Get total ...
        // ... confirmed, ...
 
        // Get total ...
        // ... confirmed, ...

-       $confirmedUsers   = GET_TOTAL_DATA('CONFIRMED', 'user_data', 'userid', 'status', true);
+       $confirmedUsers   = GET_TOTAL_DATA('CONFIRMED'  , 'user_data', 'userid', 'status', true);

        // ... unconfirmed ...
        $unconfirmedUsers = GET_TOTAL_DATA('UNCONFIRMED', 'user_data', 'userid', 'status', true);
        // ... and locked users!
        // ... unconfirmed ...
        $unconfirmedUsers = GET_TOTAL_DATA('UNCONFIRMED', 'user_data', 'userid', 'status', true);
        // ... and locked users!

-       $lockedUsers      = GET_TOTAL_DATA('LOCKED', 'user_data', 'userid', 'status', true);
+       $lockedUsers      = GET_TOTAL_DATA('LOCKED'     , 'user_data', 'userid', 'status', true);

 
        // Generate hash which will be inserted into confirmation mail
 
        // Generate hash which will be inserted into confirmation mail

-       $hash = generateHash(sha1($confirmedUsers.getConfig('ENCRYPT_SEPERATOR').$unconfirmedUsers.getConfig('ENCRYPT_SEPERATOR').$lockedUsers.getConfig('ENCRYPT_SEPERATOR').REQUEST_POST('month') . '-'.REQUEST_POST('day') . '-'.REQUEST_POST('year').getConfig('ENCRYPT_SEPERATOR').getenv('SERVER_NAME').getConfig('ENCRYPT_SEPERATOR').detectRemoteAddr().getConfig('ENCRYPT_SEPERATOR').detectUserAgent().'/'.getConfig('SITE_KEY') . '/'.getConfig('DATE_KEY') . '/'.constant('RAND_NUMBER')));
+       $hash = generateHash(sha1($confirmedUsers.getConfig('ENCRYPT_SEPERATOR').$unconfirmedUsers.getConfig('ENCRYPT_SEPERATOR').$lockedUsers.getConfig('ENCRYPT_SEPERATOR').REQUEST_POST('month') . '-'.REQUEST_POST('day') . '-'.REQUEST_POST('year').getConfig('ENCRYPT_SEPERATOR').getenv('SERVER_NAME').getConfig('ENCRYPT_SEPERATOR').detectRemoteAddr().getConfig('ENCRYPT_SEPERATOR').detectUserAgent() . '/' . getConfig('SITE_KEY') . '/' . getConfig('DATE_KEY') . '/'. constant('RAND_NUMBER')));

 
        // Add design when extension sql_patches is v0.2.7 or greater
        // @TODO Rewrite these all to a single filter
 
        // Add design when extension sql_patches is v0.2.7 or greater
        // @TODO Rewrite these all to a single filter

-       $ADD1 = ''; $ADD2 = '';
+       $ADD1 = '';
+       $ADD2 = '';

        if (GET_EXT_VERSION('theme') >= '0.0.8') {
                // Okay, add design here
                $ADD1 = ", `curr_theme`";
        if (GET_EXT_VERSION('theme') >= '0.0.8') {
                // Okay, add design here
                $ADD1 = ", `curr_theme`";


@@ -239,24 +243,24 @@ if ((isFormSent()) && (($isFailed === false) || (IS_ADMIN()))) {
        SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_data` (gender, surname, family, street_nr,%s, zip, city, email, birth_day, birth_month, birth_year, password, max_mails, receive_mails, refid, status, user_hash, REMOTE_ADDR, joined, last_update".$ADD1.")
 VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONFIRMED','%s','%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()".$ADD2.")",
        array(
        SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_data` (gender, surname, family, street_nr,%s, zip, city, email, birth_day, birth_month, birth_year, password, max_mails, receive_mails, refid, status, user_hash, REMOTE_ADDR, joined, last_update".$ADD1.")
 VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONFIRMED','%s','%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()".$ADD2.")",
        array(

-       $countryRow,
-       substr(REQUEST_POST('gender'), 0, 1),
-       REQUEST_POST('surname'),
-       REQUEST_POST('family'),
-       REQUEST_POST('street_nr'),
-       $countryData,
-       bigintval(REQUEST_POST('zip')),
-       REQUEST_POST('city'),
-       REQUEST_POST('addy'),
-       bigintval(REQUEST_POST('day')),
-       bigintval(REQUEST_POST('month')),
-       bigintval(REQUEST_POST('year')),
-       generateHash(REQUEST_POST('pass1')),
-       bigintval(REQUEST_POST('max_mails')),
-       bigintval(REQUEST_POST('max_mails')),
-       bigintval(REQUEST_POST('refid')),
-       $hash,
-       detectRemoteAddr(),
+               $countryRow,
+               substr(REQUEST_POST('gender'), 0, 1),
+               REQUEST_POST('surname'),
+               REQUEST_POST('family'),
+               REQUEST_POST('street_nr'),
+               $countryData,
+               bigintval(REQUEST_POST('zip')),
+               REQUEST_POST('city'),
+               REQUEST_POST('addy'),
+               bigintval(REQUEST_POST('day')),
+               bigintval(REQUEST_POST('month')),
+               bigintval(REQUEST_POST('year')),
+               generateHash(REQUEST_POST('pass1')),
+               bigintval(REQUEST_POST('max_mails')),
+               bigintval(REQUEST_POST('max_mails')),
+               bigintval(REQUEST_POST('refid')),
+               $hash,
+               detectRemoteAddr(),

        ), __FILE__, __LINE__);
 
        // Get his userid
        ), __FILE__, __LINE__);
 
        // Get his userid


@@ -347,24 +351,23 @@ VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONF
        }
 
        // Continue with birthday...
        }
 
        // Continue with birthday...

-       switch (getLanguage())
-       {
+       switch (getLanguage()) {

                case 'de':
                case 'de':

-                       $DATA['birthday'] = bigintval(REQUEST_POST('day')).'.'.bigintval(REQUEST_POST('month')).'.'.bigintval(REQUEST_POST('year'));
+                       $DATA['birthday'] = bigintval(REQUEST_POST('day')) . '.' . bigintval(REQUEST_POST('month')) . '.' . bigintval(REQUEST_POST('year'));

                        break;
 
                default:
                        break;
 
                default:

-                       $DATA['birthday'] = bigintval(REQUEST_POST('month')).'/'.bigintval(REQUEST_POST('day')).'/'.bigintval(REQUEST_POST('year'));
+                       $DATA['birthday'] = bigintval(REQUEST_POST('month')) . '/' . bigintval(REQUEST_POST('day')) . '/' . bigintval(REQUEST_POST('year'));

                        break;
                        break;

-       }
+       } // END - switch

 
        // Display information to the user that he got mail and send it away
 
        // Display information to the user that he got mail and send it away

-       $msg_guest = LOAD_EMAIL_TEMPLATE('register-member', $DATA, $userid);
+       $messageGuest = LOAD_EMAIL_TEMPLATE('register-member', $DATA, $userid);

 
        // Send mail to user (confirmation link!)
 
        // Send mail to user (confirmation link!)

-       $EMAIL = $DATA['email'];
-       sendEmail ($DATA['email'], getMessage('GUEST_CONFIRM_LINK'), $msg_guest);
-       $DATA['email'] = $EMAIL;
+       $email = $DATA['email'];
+       sendEmail($DATA['email'], getMessage('GUEST_CONFIRM_LINK'), $messageGuest);
+       $DATA['email'] = $email;

 
        // Send mail to admin
        sendAdminNotification(getMessage('ADMIN_NEW_ACCOUNT'), 'register-admin', $DATA, $userid);
 
        // Send mail to admin
        sendAdminNotification(getMessage('ADMIN_NEW_ACCOUNT'), 'register-admin', $DATA, $userid);


@@ -402,11 +405,11 @@ VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONF
                registerOutputFailedMessage('ENTER_PASS2');
        }
 
                registerOutputFailedMessage('ENTER_PASS2');
        }
 

-       if ($SHORT_PASS === true) {
+       if ($shortPass === true) {

                registerOutputFailedMessage('SHORT_PASS', ": ".getConfig('pass_len'));
        } // END - if
 
                registerOutputFailedMessage('SHORT_PASS', ": ".getConfig('pass_len'));
        } // END - if
 

-       if ($IP_TIMEOUT === true) {
+       if ($ipTimedOut === true) {

                registerOutputFailedMessage('REMOTE_ADDR_TIMEOUT');
        } // END - if
 
                registerOutputFailedMessage('REMOTE_ADDR_TIMEOUT');
        } // END - if
 


@@ -415,8 +418,7 @@ VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONF
        } // END - if
 
        // Generate birthday selection
        } // END - if
 
        // Generate birthday selection

-       switch (getLanguage())
-       {
+       switch (getLanguage()) {

                case 'de': // German date format
                        define('BIRTHDAY_SELECTION', ADD_SELECTION('day', REQUEST_POST('day')).ADD_SELECTION('month', REQUEST_POST('month')).ADD_SELECTION('year', REQUEST_POST('year')));
                        break;
                case 'de': // German date format
                        define('BIRTHDAY_SELECTION', ADD_SELECTION('day', REQUEST_POST('day')).ADD_SELECTION('month', REQUEST_POST('month')).ADD_SELECTION('year', REQUEST_POST('year')));
                        break;


@@ -464,7 +466,7 @@ VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONF
        if (EXT_IS_ACTIVE('country')) {
                // New variant, good!
                $OUT  = "<select name=\"country_code\" class=\"guest_select\" size=\"1\">\n";
        if (EXT_IS_ACTIVE('country')) {
                // New variant, good!
                $OUT  = "<select name=\"country_code\" class=\"guest_select\" size=\"1\">\n";

-               $whereStatement = "WHERE is_active='Y'";
+               $whereStatement = "WHERE `is_active`='Y'";

                if (IS_ADMIN()) $whereStatement = '';
                $OUT .= generateOptionList('countries', 'id', 'descr', REQUEST_POST('country_code'), 'code', $whereStatement);
                $OUT .= "</select>";
                if (IS_ADMIN()) $whereStatement = '';
                $OUT .= generateOptionList('countries', 'id', 'descr', REQUEST_POST('country_code'), 'code', $whereStatement);
                $OUT .= "</select>";