about summary refs log tree commit diff stats
path: root/central/trunk/instadisc.php
diff options
context:
space:
mode:
Diffstat (limited to 'central/trunk/instadisc.php')
-rw-r--r--central/trunk/instadisc.php35
1 files changed, 28 insertions, 7 deletions
diff --git a/central/trunk/instadisc.php b/central/trunk/instadisc.php index 66032ec..46d8404 100644 --- a/central/trunk/instadisc.php +++ b/central/trunk/instadisc.php
@@ -6,14 +6,35 @@ include_once('db.php');
6 6
7function instaDisc_checkVerification($username, $verification, $verificationID, $table, $nameField, $passField) 7function instaDisc_checkVerification($username, $verification, $verificationID, $table, $nameField, $passField)
8{ 8{
9 $getitem = "SELECT * FROM " . $table . " WHERE " . $nameField . " = \"" . mysql_escape_string($username) . "\""; 9 $getverid = "SELECT * FROM oldVerID WHERE name = \"" . mysql_escape_string($username) . "\" AND verID = " . $verificationID;
10 $getitem2 = mysql_query($getitem); 10 $getverid2 = mysql_query($getverid);
11 $getitem3 = mysql_fetch_array($getitem2); 11 $getverid3 = mysql_fetch_array($getverid2);
12 if ($getitem3[$nameField] == $username) 12 if ($getverid3['id'] != $verificationID)
13 { 13 {
14 $test = $username . ':' . $getitem3[$passField] . ':' . $verificationID; 14 $getitem = "SELECT * FROM " . $table . " WHERE " . $nameField . " = \"" . mysql_escape_string($username) . "\"";
15 15 $getitem2 = mysql_query($getitem);
16 return (md5($test) == $verification); 16 $getitem3 = mysql_fetch_array($getitem2);
17 if ($getitem3[$nameField] == $username)
18 {
19 $test = $username . ':' . $getitem3[$passField] . ':' . $verificationID;
20
21 if (md5($test) == $verification)
22 {
23 $cntverid = "SELECT COUNT(*) FROM oldVerID WHERE username = \"" . mysql_escape_string($username) . "\"";
24 $cntverid2 = mysql_query($cntverid);
25 $cntverid3 = mysql_fetch_array($cntverid2);
26 if ($cntverid3[0] >= intval(getConfig('verIDBufferSize')))
27 {
28 $delverid = "DELETE FROM oldVerID WHERE username = \"" . mysql_escape_string($username) . "\"";
29 $delverid2 = mysql_query($delverid);
30 }
31
32 $insverid = "INSERT INTO oldVerID (name, verID) VALUES (\"" . mysql_escape_string($username) . "\", " . $verificationID . ")";
33 $insverid2 = mysql_query($insverid);
34
35 return true;
36 }
37 }
17 } 38 }
18 39
19 return false; 40 return false;