From c2b0db2df28651e0a9672f6f52a75648f6b3f1e9 Mon Sep 17 00:00:00 2001 From: Kelly Rauchenberger Date: Sun, 3 Aug 2008 20:18:46 +0000 Subject: Central: Added checks to Subscription ownership functions Closes #5 --- central/trunk/instadisc.php | 44 ++++++++++++++++++++++++++++++++++---------- 1 file changed, 34 insertions(+), 10 deletions(-) diff --git a/central/trunk/instadisc.php b/central/trunk/instadisc.php index 0edbd82..fa2eb07 100644 --- a/central/trunk/instadisc.php +++ b/central/trunk/instadisc.php @@ -321,28 +321,52 @@ function instaDisc_listPendingSubscriptions($username) function instaDisc_generateSubscriptionActivation($username, $url) { - $key = md5(rand(1,65536)); + $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\""; + $getuser2 = mysql_query($getuser); + $getuser3 = mysql_fetch_array($getuser2); + if ($getuser3['username'] == $username) + { + $key = md5(rand(1,65536)); - $inspending = "INSERT INTO pending2 (username, url, key) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($url) . "\", \"" . mysql_real_escape_string($key) . "\")"; - $inspending2 = mysql_query($inspending); + $inspending = "INSERT INTO pending2 (username, url, key) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($url) . "\", \"" . mysql_real_escape_string($key) . "\")"; + $inspending2 = mysql_query($inspending); + + return $key; + } - return $key; + return false; } function instaDisc_deleteSubscription($username, $url) { - $delsub = "DELETE FROM subscriptions WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\")"; - $delsub2 = mysql_query($delsub); + $getsub = "SELECT * FROM subscriptions WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\")"; + $getsub2 = mysql_query($getsub); + $getsub3 = mysql_fetch_array($getsub2); + if ($getsub3['username'] == $username) + { + $delsub = "DELETE FROM subscriptions WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\")"; + $delsub2 = mysql_query($delsub); - return true; + return true; + } + + return false; } function instaDisc_cancelSubscription($username, $url) { - $delsub = "DELETE FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\")"; - $delsub2 = mysql_query($delsub); + $getsub = "SELECT * FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\")"; + $getsub2 = mysql_query($getsub); + $getsub3 = mysql_fetch_array($getsub2); + if ($getsub3['username'] == $username) + { + $delsub = "DELETE FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\")"; + $delsub2 = mysql_query($delsub); - return true; + return true; + } + + return false; } ?> -- cgit 1.4.1