Website
/
Manager
1
0
Fork 0
Code Releases 11 Activity

Enforce POST when sending register form

master
Anonymous Contributor 2023-08-23 18:16:35 +02:00
parent d46835e8eb
commit 4dfb3d81c3
1 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
pages/register.php
View File

@ -29,8 +29,7 @@
die("INVALID INVITE CODE!");
}
if(!isset($_REQUEST['doRegister']))
{
if($_SERVER['REQUEST_METHOD'] != 'POST') {
displayPage("");
}
@ -45,7 +44,7 @@
));
if(!$validator->isValid($_POST)) {
if(!isset($_REQUEST['tos']) || $_REQUEST['tos'] !== true) {
if(!isset($_POST['tos']) || $_POST['tos'] !== true) {
displayPage("Du musst die Nutzungsbedingungen lesen und Akzeptieren.");
}
else {
@ -60,7 +59,7 @@
$RUNTIME['REGISTER']['EMAIL'] = null;
$RUNTIME['REGISTER']['AVATAR'] = null;
$RUNTIME['REGISTER']['TOS'] = true;
$name = trim($_REQUEST['username']);
$name = trim($_POST['username']);
if($name != "")
{
$nameParts = explode(" ", $name);
@ -81,11 +80,11 @@
displayPage("Der gewählte Name ist bereits vergeben.");
}
}
$RUNTIME['REGISTER']['PASS'] = trim($_REQUEST['password']);
$RUNTIME['REGISTER']['EMAIL'] = trim($_REQUEST['email']);
if(isset($RUNTIME['DEFAULTAVATAR'][$_REQUEST['avatar']]['UUID']))
$RUNTIME['REGISTER']['PASS'] = trim($_POST['password']);
$RUNTIME['REGISTER']['EMAIL'] = trim($_POST['email']);
if(isset($RUNTIME['DEFAULTAVATAR'][$_POST['avatar']]['UUID']))
{
$RUNTIME['REGISTER']['AVATAR'] = trim($_REQUEST['avatar']);
$RUNTIME['REGISTER']['AVATAR'] = trim($_POST['avatar']);
}
else
{