Fossil SCM
Add comments to the /register page implementation. No logic changes.
Commit
a4419c6c022e03f775a885afac86229fbbc185ef080e3b4fd1d5c470bce1e79c
Parent
d7e45aae70b1e82…
1 file changed
+4
-1
+4
-1
| --- src/login.c | ||
| +++ src/login.c | ||
| @@ -1551,11 +1551,11 @@ | ||
| 1551 | 1551 | zPasswd = PDT("p",""); |
| 1552 | 1552 | zConfirm = PDT("cp",""); |
| 1553 | 1553 | zEAddr = PDT("ea",""); |
| 1554 | 1554 | zDName = PDT("dn",""); |
| 1555 | 1555 | |
| 1556 | - /* Try to make any sense from user input. */ | |
| 1556 | + /* Verify user imputs */ | |
| 1557 | 1557 | if( P("new")==0 || !cgi_csrf_safe(1) ){ |
| 1558 | 1558 | /* This is not a valid form submission. Fall through into |
| 1559 | 1559 | ** the form display */ |
| 1560 | 1560 | }else if( !captcha_is_correct(1) ){ |
| 1561 | 1561 | iErrLine = 6; |
| @@ -1595,10 +1595,12 @@ | ||
| 1595 | 1595 | " AND sverified",zEAddr) |
| 1596 | 1596 | ){ |
| 1597 | 1597 | iErrLine = 3; |
| 1598 | 1598 | zErr = "This email address is already claimed by another user"; |
| 1599 | 1599 | }else{ |
| 1600 | + /* If all of the tests above have passed, that means that the submitted | |
| 1601 | + ** form contains valid data and we can proceed to create the new login */ | |
| 1600 | 1602 | Blob sql; |
| 1601 | 1603 | int uid; |
| 1602 | 1604 | char *zPass = sha1_shared_secret(zPasswd, zUserID, 0); |
| 1603 | 1605 | blob_init(&sql, 0, 0); |
| 1604 | 1606 | blob_append_sql(&sql, |
| @@ -1623,10 +1625,11 @@ | ||
| 1623 | 1625 | if( g.perm.Read ) ssub[nsub++] = 'c'; |
| 1624 | 1626 | if( g.perm.RdForum ) ssub[nsub++] = 'f'; |
| 1625 | 1627 | if( g.perm.RdTkt ) ssub[nsub++] = 't'; |
| 1626 | 1628 | if( g.perm.RdWiki ) ssub[nsub++] = 'w'; |
| 1627 | 1629 | ssub[nsub] = 0; |
| 1630 | + /* Also add the user to the subscriber table. */ | |
| 1628 | 1631 | db_multi_exec( |
| 1629 | 1632 | "INSERT INTO subscriber(semail,suname," |
| 1630 | 1633 | " sverified,sdonotcall,sdigest,ssub,sctime,mtime,smip)" |
| 1631 | 1634 | " VALUES(%Q,%Q,%d,0,%d,%Q,now(),now(),%Q)" |
| 1632 | 1635 | " ON CONFLICT(semail) DO UPDATE" |
| 1633 | 1636 |
| --- src/login.c | |
| +++ src/login.c | |
| @@ -1551,11 +1551,11 @@ | |
| 1551 | zPasswd = PDT("p",""); |
| 1552 | zConfirm = PDT("cp",""); |
| 1553 | zEAddr = PDT("ea",""); |
| 1554 | zDName = PDT("dn",""); |
| 1555 | |
| 1556 | /* Try to make any sense from user input. */ |
| 1557 | if( P("new")==0 || !cgi_csrf_safe(1) ){ |
| 1558 | /* This is not a valid form submission. Fall through into |
| 1559 | ** the form display */ |
| 1560 | }else if( !captcha_is_correct(1) ){ |
| 1561 | iErrLine = 6; |
| @@ -1595,10 +1595,12 @@ | |
| 1595 | " AND sverified",zEAddr) |
| 1596 | ){ |
| 1597 | iErrLine = 3; |
| 1598 | zErr = "This email address is already claimed by another user"; |
| 1599 | }else{ |
| 1600 | Blob sql; |
| 1601 | int uid; |
| 1602 | char *zPass = sha1_shared_secret(zPasswd, zUserID, 0); |
| 1603 | blob_init(&sql, 0, 0); |
| 1604 | blob_append_sql(&sql, |
| @@ -1623,10 +1625,11 @@ | |
| 1623 | if( g.perm.Read ) ssub[nsub++] = 'c'; |
| 1624 | if( g.perm.RdForum ) ssub[nsub++] = 'f'; |
| 1625 | if( g.perm.RdTkt ) ssub[nsub++] = 't'; |
| 1626 | if( g.perm.RdWiki ) ssub[nsub++] = 'w'; |
| 1627 | ssub[nsub] = 0; |
| 1628 | db_multi_exec( |
| 1629 | "INSERT INTO subscriber(semail,suname," |
| 1630 | " sverified,sdonotcall,sdigest,ssub,sctime,mtime,smip)" |
| 1631 | " VALUES(%Q,%Q,%d,0,%d,%Q,now(),now(),%Q)" |
| 1632 | " ON CONFLICT(semail) DO UPDATE" |
| 1633 |
| --- src/login.c | |
| +++ src/login.c | |
| @@ -1551,11 +1551,11 @@ | |
| 1551 | zPasswd = PDT("p",""); |
| 1552 | zConfirm = PDT("cp",""); |
| 1553 | zEAddr = PDT("ea",""); |
| 1554 | zDName = PDT("dn",""); |
| 1555 | |
| 1556 | /* Verify user imputs */ |
| 1557 | if( P("new")==0 || !cgi_csrf_safe(1) ){ |
| 1558 | /* This is not a valid form submission. Fall through into |
| 1559 | ** the form display */ |
| 1560 | }else if( !captcha_is_correct(1) ){ |
| 1561 | iErrLine = 6; |
| @@ -1595,10 +1595,12 @@ | |
| 1595 | " AND sverified",zEAddr) |
| 1596 | ){ |
| 1597 | iErrLine = 3; |
| 1598 | zErr = "This email address is already claimed by another user"; |
| 1599 | }else{ |
| 1600 | /* If all of the tests above have passed, that means that the submitted |
| 1601 | ** form contains valid data and we can proceed to create the new login */ |
| 1602 | Blob sql; |
| 1603 | int uid; |
| 1604 | char *zPass = sha1_shared_secret(zPasswd, zUserID, 0); |
| 1605 | blob_init(&sql, 0, 0); |
| 1606 | blob_append_sql(&sql, |
| @@ -1623,10 +1625,11 @@ | |
| 1625 | if( g.perm.Read ) ssub[nsub++] = 'c'; |
| 1626 | if( g.perm.RdForum ) ssub[nsub++] = 'f'; |
| 1627 | if( g.perm.RdTkt ) ssub[nsub++] = 't'; |
| 1628 | if( g.perm.RdWiki ) ssub[nsub++] = 'w'; |
| 1629 | ssub[nsub] = 0; |
| 1630 | /* Also add the user to the subscriber table. */ |
| 1631 | db_multi_exec( |
| 1632 | "INSERT INTO subscriber(semail,suname," |
| 1633 | " sverified,sdonotcall,sdigest,ssub,sctime,mtime,smip)" |
| 1634 | " VALUES(%Q,%Q,%d,0,%d,%Q,now(),now(),%Q)" |
| 1635 | " ON CONFLICT(semail) DO UPDATE" |
| 1636 |