about summary refs log tree commit diff stats
path: root/series
diff options
context:
space:
mode:
authorKelly Rauchenberger <fefferburbia@gmail.com>2008-09-11 10:58:11 +0000
committerKelly Rauchenberger <fefferburbia@gmail.com>2008-09-11 10:58:11 +0000
commit289c028d8455b8cc1e77140e5d9f7834cce29c8d (patch)
tree28274cc03cb68312b3a1d65ee45cbd9a47d24b4d /series
parent7f37cd79cd823c6602a75dd4e2fb03cc79554b6e (diff)
downloadinstadisc-289c028d8455b8cc1e77140e5d9f7834cce29c8d.tar.gz
instadisc-289c028d8455b8cc1e77140e5d9f7834cce29c8d.tar.bz2
instadisc-289c028d8455b8cc1e77140e5d9f7834cce29c8d.zip
Series: Added instaDisc_checkVerification()
Refs #55
Diffstat (limited to 'series')
-rw-r--r--series/trunk/includes/instadisc.php37
-rw-r--r--series/trunk/xmlrpc.php1
2 files changed, 38 insertions, 0 deletions
diff --git a/series/trunk/includes/instadisc.php b/series/trunk/includes/instadisc.php index dd879c6..41080bd 100644 --- a/series/trunk/includes/instadisc.php +++ b/series/trunk/includes/instadisc.php
@@ -69,4 +69,41 @@ function instaDisc_addSubscription($id, $title, $url, $category, $password = '')
69 $inssub2 = mysql_query($inssub); 69 $inssub2 = mysql_query($inssub);
70} 70}
71 71
72function instaDisc_checkVerification($username, $verification, $verificationID, $table, $nameField, $passField)
73{
74 $getverid = "SELECT * FROM oldVerID WHERE username = \"" . mysql_real_escape_string($username) . "\" AND verID = " . $verificationID;
75 $getverid2 = mysql_query($getverid);
76 $getverid3 = mysql_fetch_array($getverid2);
77 if ($getverid3['id'] != $verificationID)
78 {
79 $getitem = "SELECT * FROM " . $table . " WHERE " . $nameField . " = \"" . mysql_real_escape_string($username) . "\"";
80 $getitem2 = mysql_query($getitem);
81 $getitem3 = mysql_fetch_array($getitem2);
82 if ($getitem3[$nameField] == $username)
83 {
84 $test = $username . ':' . $getitem3[$passField] . ':' . $verificationID;
85
86 if (md5($test) == $verification)
87 {
88 $cntverid = "SELECT COUNT(*) FROM oldVerID WHERE username = \"" . mysql_real_escape_string($username) . "\"";
89 $cntverid2 = mysql_query($cntverid);
90 $cntverid3 = mysql_fetch_array($cntverid2);
91 if ($cntverid3[0] >= 10000)
92 {
93 $delverid = "DELETE FROM oldVerID WHERE username = \"" . mysql_real_escape_string($username) . "\" LIMIT 0,1";
94 $delverid2 = mysql_query($delverid);
95 }
96
97 $insverid = "INSERT INTO oldVerID (username, verID) VALUES (\"" . mysql_real_escape_string($username) . "\", " . $verificationID . ")";
98 $insverid2 = mysql_query($insverid);
99
100 return true;
101 }
102 }
103 }
104
105 return false;
106}
107
108
72?> 109?>
diff --git a/series/trunk/xmlrpc.php b/series/trunk/xmlrpc.php index 6d3a245..9024ae2 100644 --- a/series/trunk/xmlrpc.php +++ b/series/trunk/xmlrpc.php
@@ -39,6 +39,7 @@ function sendFromUpdate($username, $verification, $verificationID, $seriesURL, $
39{ 39{
40 if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) 40 if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password'))
41 { 41 {
42
42 } else { 43 } else {
43 return new xmlrpcresp(new xmlrpcval('2', 'int')); 44 return new xmlrpcresp(new xmlrpcval('2', 'int'));
44 } 45 }