Fossil SCM
Declare all variables before any code, in the register_page() function. Ticket [59a156204ae6419d]
Commit
372c7257dadeae6500b86636c1a84926ca529e2b
Parent
4b2ab22c2a9af62…
1 file changed
+17
-9
+17
-9
| --- src/login.c | ||
| +++ src/login.c | ||
| @@ -636,10 +636,13 @@ | ||
| 636 | 636 | ** Generate the register page. |
| 637 | 637 | ** |
| 638 | 638 | */ |
| 639 | 639 | void register_page(void){ |
| 640 | 640 | const char *zUsername, *zPasswd, *zConfirm, *zContact, *zCS, *zPw, *zCap; |
| 641 | + unsigned int uSeed; | |
| 642 | + char const *zDecoded; | |
| 643 | + char *zCaptcha; | |
| 641 | 644 | if( !db_get_boolean("self-register", 0) ){ |
| 642 | 645 | style_header("Registration not possible"); |
| 643 | 646 | @ <p>This project does not allow user self-registration. Please contact the |
| 644 | 647 | @ project administrator to obtain an account.</p> |
| 645 | 648 | style_footer(); |
| @@ -689,24 +692,29 @@ | ||
| 689 | 692 | @ <p><span class="loginError"> |
| 690 | 693 | @ %s(zUsername) already exists. |
| 691 | 694 | @ </span></p> |
| 692 | 695 | }else{ |
| 693 | 696 | char *zPw = sha1_shared_secret(blob_str(&passwd), blob_str(&login)); |
| 697 | + int uid; | |
| 698 | + char *zCookie; | |
| 699 | + const char *zCookieName; | |
| 700 | + const char *zExpire; | |
| 701 | + int expires; | |
| 702 | + const char *zIpAddr; | |
| 694 | 703 | db_multi_exec( |
| 695 | 704 | "INSERT INTO user(login,pw,cap,info)" |
| 696 | 705 | "VALUES(%B,%Q,%B,%B)", |
| 697 | 706 | &login, zPw, &caps, &contact |
| 698 | 707 | ); |
| 699 | 708 | free(zPw); |
| 700 | 709 | |
| 701 | 710 | /* The user is registered, now just log him in. */ |
| 702 | - int uid = db_int(0, "SELECT uid FROM user WHERE login=%Q", zUsername); | |
| 703 | - char *zCookie; | |
| 704 | - const char *zCookieName = login_cookie_name(); | |
| 705 | - const char *zExpire = db_get("cookie-expire","8766"); | |
| 706 | - int expires = atoi(zExpire)*3600; | |
| 707 | - const char *zIpAddr = PD("REMOTE_ADDR","nil"); | |
| 711 | + uid = db_int(0, "SELECT uid FROM user WHERE login=%Q", zUsername); | |
| 712 | + zCookieName = login_cookie_name(); | |
| 713 | + zExpire = db_get("cookie-expire","8766"); | |
| 714 | + expires = atoi(zExpire)*3600; | |
| 715 | + zIpAddr = PD("REMOTE_ADDR","nil"); | |
| 708 | 716 | |
| 709 | 717 | zCookie = db_text(0, "SELECT '%d/' || hex(randomblob(25))", uid); |
| 710 | 718 | cgi_set_cookie(zCookieName, zCookie, 0, expires); |
| 711 | 719 | db_multi_exec( |
| 712 | 720 | "UPDATE user SET cookie=%Q, ipaddr=%Q, " |
| @@ -718,13 +726,13 @@ | ||
| 718 | 726 | } |
| 719 | 727 | } |
| 720 | 728 | } |
| 721 | 729 | |
| 722 | 730 | /* Prepare the captcha. */ |
| 723 | - unsigned int uSeed = captcha_seed(); | |
| 724 | - char const *zDecoded = captcha_decode(uSeed); | |
| 725 | - char *zCaptcha = captcha_render(zDecoded); | |
| 731 | + uSeed = captcha_seed(); | |
| 732 | + zDecoded = captcha_decode(uSeed); | |
| 733 | + zCaptcha = captcha_render(zDecoded); | |
| 726 | 734 | |
| 727 | 735 | /* Print out the registration form. */ |
| 728 | 736 | @ <form action="register" method="post"> |
| 729 | 737 | if( P("g") ){ |
| 730 | 738 | @ <input type="hidden" name="g" value="%h(P("g"))" /> |
| 731 | 739 |
| --- src/login.c | |
| +++ src/login.c | |
| @@ -636,10 +636,13 @@ | |
| 636 | ** Generate the register page. |
| 637 | ** |
| 638 | */ |
| 639 | void register_page(void){ |
| 640 | const char *zUsername, *zPasswd, *zConfirm, *zContact, *zCS, *zPw, *zCap; |
| 641 | if( !db_get_boolean("self-register", 0) ){ |
| 642 | style_header("Registration not possible"); |
| 643 | @ <p>This project does not allow user self-registration. Please contact the |
| 644 | @ project administrator to obtain an account.</p> |
| 645 | style_footer(); |
| @@ -689,24 +692,29 @@ | |
| 689 | @ <p><span class="loginError"> |
| 690 | @ %s(zUsername) already exists. |
| 691 | @ </span></p> |
| 692 | }else{ |
| 693 | char *zPw = sha1_shared_secret(blob_str(&passwd), blob_str(&login)); |
| 694 | db_multi_exec( |
| 695 | "INSERT INTO user(login,pw,cap,info)" |
| 696 | "VALUES(%B,%Q,%B,%B)", |
| 697 | &login, zPw, &caps, &contact |
| 698 | ); |
| 699 | free(zPw); |
| 700 | |
| 701 | /* The user is registered, now just log him in. */ |
| 702 | int uid = db_int(0, "SELECT uid FROM user WHERE login=%Q", zUsername); |
| 703 | char *zCookie; |
| 704 | const char *zCookieName = login_cookie_name(); |
| 705 | const char *zExpire = db_get("cookie-expire","8766"); |
| 706 | int expires = atoi(zExpire)*3600; |
| 707 | const char *zIpAddr = PD("REMOTE_ADDR","nil"); |
| 708 | |
| 709 | zCookie = db_text(0, "SELECT '%d/' || hex(randomblob(25))", uid); |
| 710 | cgi_set_cookie(zCookieName, zCookie, 0, expires); |
| 711 | db_multi_exec( |
| 712 | "UPDATE user SET cookie=%Q, ipaddr=%Q, " |
| @@ -718,13 +726,13 @@ | |
| 718 | } |
| 719 | } |
| 720 | } |
| 721 | |
| 722 | /* Prepare the captcha. */ |
| 723 | unsigned int uSeed = captcha_seed(); |
| 724 | char const *zDecoded = captcha_decode(uSeed); |
| 725 | char *zCaptcha = captcha_render(zDecoded); |
| 726 | |
| 727 | /* Print out the registration form. */ |
| 728 | @ <form action="register" method="post"> |
| 729 | if( P("g") ){ |
| 730 | @ <input type="hidden" name="g" value="%h(P("g"))" /> |
| 731 |
| --- src/login.c | |
| +++ src/login.c | |
| @@ -636,10 +636,13 @@ | |
| 636 | ** Generate the register page. |
| 637 | ** |
| 638 | */ |
| 639 | void register_page(void){ |
| 640 | const char *zUsername, *zPasswd, *zConfirm, *zContact, *zCS, *zPw, *zCap; |
| 641 | unsigned int uSeed; |
| 642 | char const *zDecoded; |
| 643 | char *zCaptcha; |
| 644 | if( !db_get_boolean("self-register", 0) ){ |
| 645 | style_header("Registration not possible"); |
| 646 | @ <p>This project does not allow user self-registration. Please contact the |
| 647 | @ project administrator to obtain an account.</p> |
| 648 | style_footer(); |
| @@ -689,24 +692,29 @@ | |
| 692 | @ <p><span class="loginError"> |
| 693 | @ %s(zUsername) already exists. |
| 694 | @ </span></p> |
| 695 | }else{ |
| 696 | char *zPw = sha1_shared_secret(blob_str(&passwd), blob_str(&login)); |
| 697 | int uid; |
| 698 | char *zCookie; |
| 699 | const char *zCookieName; |
| 700 | const char *zExpire; |
| 701 | int expires; |
| 702 | const char *zIpAddr; |
| 703 | db_multi_exec( |
| 704 | "INSERT INTO user(login,pw,cap,info)" |
| 705 | "VALUES(%B,%Q,%B,%B)", |
| 706 | &login, zPw, &caps, &contact |
| 707 | ); |
| 708 | free(zPw); |
| 709 | |
| 710 | /* The user is registered, now just log him in. */ |
| 711 | uid = db_int(0, "SELECT uid FROM user WHERE login=%Q", zUsername); |
| 712 | zCookieName = login_cookie_name(); |
| 713 | zExpire = db_get("cookie-expire","8766"); |
| 714 | expires = atoi(zExpire)*3600; |
| 715 | zIpAddr = PD("REMOTE_ADDR","nil"); |
| 716 | |
| 717 | zCookie = db_text(0, "SELECT '%d/' || hex(randomblob(25))", uid); |
| 718 | cgi_set_cookie(zCookieName, zCookie, 0, expires); |
| 719 | db_multi_exec( |
| 720 | "UPDATE user SET cookie=%Q, ipaddr=%Q, " |
| @@ -718,13 +726,13 @@ | |
| 726 | } |
| 727 | } |
| 728 | } |
| 729 | |
| 730 | /* Prepare the captcha. */ |
| 731 | uSeed = captcha_seed(); |
| 732 | zDecoded = captcha_decode(uSeed); |
| 733 | zCaptcha = captcha_render(zDecoded); |
| 734 | |
| 735 | /* Print out the registration form. */ |
| 736 | @ <form action="register" method="post"> |
| 737 | if( P("g") ){ |
| 738 | @ <input type="hidden" name="g" value="%h(P("g"))" /> |
| 739 |