From cab0a0f00c30ae756944f22b01f75a1e9ae89a62 Mon Sep 17 00:00:00 2001 From: "DESKTOP-GBA0BK8\\Admin" Date: Thu, 27 Apr 2023 09:58:15 -0400 Subject: [PATCH] Complete account --- wrenchboard/src/shared_tool/account_mngt.cc | 59 +++++++++++---------- 1 file changed, 30 insertions(+), 29 deletions(-) diff --git a/wrenchboard/src/shared_tool/account_mngt.cc b/wrenchboard/src/shared_tool/account_mngt.cc index 03643271..a01e6204 100644 --- a/wrenchboard/src/shared_tool/account_mngt.cc +++ b/wrenchboard/src/shared_tool/account_mngt.cc @@ -545,43 +545,44 @@ long CompleteMobileAccountCreation(CVars in, CVars &out){ long CreateWrenchBoardAccount(CVars in, CVars &out) { logfmt(logINFO, "CreateWrenchBoardAccount()"); long ret = PHP_API_BAD_PARAM; + bool compt = false; REQ_STRING(in, "verify_link", 2, 120, "(.*)"); - //REQ_STRING (in, "pass1", 3, 15, "(.*)"); + REQ_STRING (in, "password", 3, 15, "(.*)"); OPTIONAL(in, "loc") REQ_STRING(in, "loc", 3, 15, "(.*)"); - //const char * loc = getenv('REMOTE_ADDR'); //in["loc"] = loc; - try { - long lonkF = load_db_record(out, "SELECT *,id AS pending_id FROM members_pending WHERE verify_link ='%s' AND expire > now() LIMIT 1", in["verify_link"].c_str()); + long lonkF = load_db_record(out, "SELECT *,id AS pending_id FROM members_pending WHERE verify_link ='%s' AND password =md5('%s') AND expire > now() LIMIT 1", in["verify_link"].c_str(), in["password"].c_str()); if (lonkF) { - out["status"] = "prepare to create account"; - CVars x; - x["username"] = out["username"]; - x["username"].set_valid(true); - x["firstname"] = out["firstname"]; - x["firstname"].set_valid(true); - x["lastname"] = out["lastname"]; - x["lastname"].set_valid(true); - x["email"] = out["email"]; - x["email"].set_valid(true); - x["phone"] = out["phone"]; - x["phone"].set_valid(true); - x["loc"] = out["loc"]; - x["loc"].set_valid(true); - x["country"] = out["country"]; - x["country"].set_valid(true); - x["password"] = out["password"]; - x["password"].set_valid(true); - - //pgsql_query("INSERT INTO members (firstname,lastname,email,phone,password,loc,news) SELECT(firstname,lastname,email,phone,password,loc,news) FROM members_pending WHERE id = %lu AND status = 1",out["pending_id"].Long() ); - - - ret = insert_db_record(DBS_VALID, "members", "members_id_seq", x); - - if (ret > 0) { + if (out["pending_id"].Long() > 0 ){ + out["status"] = "prepare to create account"; + CVars x; + x["username"] = out["username"]; + x["username"].set_valid(true); + x["firstname"] = out["firstname"]; + x["firstname"].set_valid(true); + x["lastname"] = out["lastname"]; + x["lastname"].set_valid(true); + x["email"] = out["email"]; + x["email"].set_valid(true); + x["phone"] = out["phone"]; + x["phone"].set_valid(true); + x["loc"] = out["loc"]; + x["loc"].set_valid(true); + x["country"] = out["country"]; + x["country"].set_valid(true); + x["password"] = out["password"]; + x["password"].set_valid(true); + ret = insert_db_record(DBS_VALID, "members", "members_id_seq", x); + compt = true; + } + else{ + out["status"] = "Invalid Link & Password Combination"; + ret = PHP_API_BAD_PARAM; + } + if (ret > 0 && compt==true) { out["member_id"] = ret; out["member_id"].set_valid(true); x["member_id"] = ret;