diff options
Diffstat (limited to 'series/trunk')
-rw-r--r-- | series/trunk/includes/instadisc.php | 37 | ||||
-rw-r--r-- | series/trunk/xmlrpc.php | 1 |
2 files changed, 38 insertions, 0 deletions
diff --git a/series/trunk/includes/instadisc.php b/series/trunk/includes/instadisc.php index dd879c6..41080bd 100644 --- a/series/trunk/includes/instadisc.php +++ b/series/trunk/includes/instadisc.php | |||
@@ -69,4 +69,41 @@ function instaDisc_addSubscription($id, $title, $url, $category, $password = '') | |||
69 | $inssub2 = mysql_query($inssub); | 69 | $inssub2 = mysql_query($inssub); |
70 | } | 70 | } |
71 | 71 | ||
72 | function instaDisc_checkVerification($username, $verification, $verificationID, $table, $nameField, $passField) | ||
73 | { | ||
74 | $getverid = "SELECT * FROM oldVerID WHERE username = \"" . mysql_real_escape_string($username) . "\" AND verID = " . $verificationID; | ||
75 | $getverid2 = mysql_query($getverid); | ||
76 | $getverid3 = mysql_fetch_array($getverid2); | ||
77 | if ($getverid3['id'] != $verificationID) | ||
78 | { | ||
79 | $getitem = "SELECT * FROM " . $table . " WHERE " . $nameField . " = \"" . mysql_real_escape_string($username) . "\""; | ||
80 | $getitem2 = mysql_query($getitem); | ||
81 | $getitem3 = mysql_fetch_array($getitem2); | ||
82 | if ($getitem3[$nameField] == $username) | ||
83 | { | ||
84 | $test = $username . ':' . $getitem3[$passField] . ':' . $verificationID; | ||
85 | |||
86 | if (md5($test) == $verification) | ||
87 | { | ||
88 | $cntverid = "SELECT COUNT(*) FROM oldVerID WHERE username = \"" . mysql_real_escape_string($username) . "\""; | ||
89 | $cntverid2 = mysql_query($cntverid); | ||
90 | $cntverid3 = mysql_fetch_array($cntverid2); | ||
91 | if ($cntverid3[0] >= 10000) | ||
92 | { | ||
93 | $delverid = "DELETE FROM oldVerID WHERE username = \"" . mysql_real_escape_string($username) . "\" LIMIT 0,1"; | ||
94 | $delverid2 = mysql_query($delverid); | ||
95 | } | ||
96 | |||
97 | $insverid = "INSERT INTO oldVerID (username, verID) VALUES (\"" . mysql_real_escape_string($username) . "\", " . $verificationID . ")"; | ||
98 | $insverid2 = mysql_query($insverid); | ||
99 | |||
100 | return true; | ||
101 | } | ||
102 | } | ||
103 | } | ||
104 | |||
105 | return false; | ||
106 | } | ||
107 | |||
108 | |||
72 | ?> | 109 | ?> |
diff --git a/series/trunk/xmlrpc.php b/series/trunk/xmlrpc.php index 6d3a245..9024ae2 100644 --- a/series/trunk/xmlrpc.php +++ b/series/trunk/xmlrpc.php | |||
@@ -39,6 +39,7 @@ function sendFromUpdate($username, $verification, $verificationID, $seriesURL, $ | |||
39 | { | 39 | { |
40 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 40 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) |
41 | { | 41 | { |
42 | |||
42 | } else { | 43 | } else { |
43 | return new xmlrpcresp(new xmlrpcval('2', 'int')); | 44 | return new xmlrpcresp(new xmlrpcval('2', 'int')); |
44 | } | 45 | } |