From a699bf2dee11af52a2104838660228c0a16de199 Mon Sep 17 00:00:00 2001
From: Anonymous Contributor <anonymous@invalid>
Date: Wed, 23 Aug 2023 18:16:34 +0200
Subject: [PATCH] Small fixes

---
 pages/identities.php |  4 ++--
 pages/login.php      |  3 +--
 pages/profile.php    | 10 +++++-----
 pages/register.php   | 17 +++++++++--------
 4 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/pages/identities.php b/pages/identities.php
index b592fa3..6f1b31f 100644
--- a/pages/identities.php
+++ b/pages/identities.php
@@ -64,7 +64,7 @@
         }
     }
 
-    if(isset($_REQUEST['createIdent']) && isset($_REQUEST['newName']) && $_REQUEST['createIdent'] == "" && $_REQUEST['newName'] == "")
+    if(isset($_REQUEST['createIdent']) && isset($_REQUEST['newName']) && $_REQUEST['createIdent'] == "" && $_REQUEST['newName'] != "")
     {
         $avatarNameParts = explode(" ", trim($_REQUEST['newName']));
 
@@ -105,7 +105,7 @@
         {
             $entry = '<tr><td>'.htmlspecialchars(trim($RUNTIME['OPENSIM']->getUserName($row['IdentityID']))).' <span class="badge badge-info">Aktiv</span></td><td>-</td></tr>';
         }else{
-            $entry = '<tr><td>'.htmlspecialchars(trim($RUNTIME['OPENSIM']->getUserName($row['IdentityID']))).'</td><td><form action="index.php?page=identities" method="post">%%CSRF%%<input type="hidden" name="newuuid" value="'.htmlspecialchars($row['IdentityID']).'"><button type="submit" name="enableIdent" class="btn btn-success btn-sm">Aktievieren</button></form></td></tr>';
+            $entry = '<tr><td>'.htmlspecialchars(trim($RUNTIME['OPENSIM']->getUserName($row['IdentityID']))).'</td><td><form action="index.php?page=identities" method="post">%%CSRF%%<input type="hidden" name="newuuid" value="'.htmlspecialchars($row['IdentityID']).'"><button type="submit" name="enableIdent" class="btn btn-success btn-sm">Aktivieren</button></form></td></tr>';
         }
 
         $table = str_replace("%%ENTRY%%", $entry."%%ENTRY%%", $table);
diff --git a/pages/login.php b/pages/login.php
index 02eb40c..60c43ba 100644
--- a/pages/login.php
+++ b/pages/login.php
@@ -1,12 +1,11 @@
 <?php
-	include_once 'classen/FormValidator.php';
-
 	$HTML = new HTML();
 	$HTML->setHTMLTitle("Login");
 	$HTML->importHTML("style/login/login.html");
 
 	if(isset($_POST['login']))
 	{
+		include_once 'classen/FormValidator.php';
 		$validator = new FormValidator(array(
 			'username' => array('required' => true, 'regex' => '/[^\\\/<>\s]{1,64} [^\\\/<>\s]{1,64}/'),
 			'password' => array('required' => true, 'regex' => '/.{1,1000}/')
diff --git a/pages/profile.php b/pages/profile.php
index 178d9bf..b47114c 100644
--- a/pages/profile.php
+++ b/pages/profile.php
@@ -31,7 +31,7 @@
         }
     }
 
-    if(isset($_REQUEST['formInputFeldVorname']) || @$_REQUEST['formInputFeldVorname'] != "")
+    if(isset($_REQUEST['formInputFeldVorname']) && $_REQUEST['formInputFeldVorname'] != "")
     {
         $NewFirstName = trim($_REQUEST['formInputFeldVorname']);
 
@@ -48,7 +48,7 @@
         }
     }
 
-    if(isset($_REQUEST['formInputFeldNachname']) || @$_REQUEST['formInputFeldNachname'] != "")
+    if(isset($_REQUEST['formInputFeldNachname']) && $_REQUEST['formInputFeldNachname'] != "")
     {
         $NewLastName = trim($_REQUEST['formInputFeldNachname']);
 
@@ -65,7 +65,7 @@
         }
     }
 
-    if(isset($_REQUEST['formInputFeldEMail']) || @$_REQUEST['formInputFeldEMail'] != "")
+    if(isset($_REQUEST['formInputFeldEMail']) && $_REQUEST['formInputFeldEMail'] != "")
     {
         $NewEMail = trim($_REQUEST['formInputFeldEMail']);
 
@@ -84,7 +84,7 @@
         }
     }
 
-    if(isset($_REQUEST['formInputFeldOfflineIM']) || @$_REQUEST['formInputFeldOfflineIM'] != "")
+    if(isset($_REQUEST['formInputFeldOfflineIM']) && $_REQUEST['formInputFeldOfflineIM'] != "")
     {
         $NewOfflineIM = trim($_REQUEST['formInputFeldOfflineIM']);
 
@@ -101,7 +101,7 @@
         $statement->execute(['IMState' => 'false', 'PrincipalID' => $_SESSION['UUID']]);
     }
 
-    if(isset($_REQUEST['formInputFeldPartnerName']) || @$_REQUEST['formInputFeldPartnerName'] != "")
+    if(isset($_REQUEST['formInputFeldPartnerName']) && $_REQUEST['formInputFeldPartnerName'] != "")
     {
         $NewPartner = trim($_REQUEST['formInputFeldPartnerName']);
         $CurrentPartner = $RUNTIME['OPENSIM']->getPartner($_SESSION['UUID']);
diff --git a/pages/register.php b/pages/register.php
index a52dc5b..88ebba0 100644
--- a/pages/register.php
+++ b/pages/register.php
@@ -1,6 +1,7 @@
 <?php
 	function displayPage(string $message)
 	{
+		global $RUNTIME;
 		$HTML = new HTML();
 		$HTML->setHTMLTitle("Registrieren");
 		$HTML->importHTML("style/login/register.html");
@@ -21,8 +22,15 @@
 		die("INVALID INVITE CODE!");
 	}
 
+	$statementInviteCode = $RUNTIME['PDO']->prepare("SELECT 1 FROM InviteCodes WHERE InviteCode = ? LIMIT 1");
+	$statementInviteCode->execute([$_REQUEST['code']]);
+
+	if($statementInviteCode->rowCount() == 0) {
+		die("INVALID INVITE CODE!");
+	}
+
 	if(!isset($_REQUEST['doRegister']))
-	{
+	{		
 		displayPage("");
 	}
 
@@ -47,13 +55,6 @@
 		die();
 	}
 
-	$statementInviteCode = $RUNTIME['PDO']->prepare("SELECT 1 FROM InviteCodes WHERE InviteCode = ? LIMIT 1");
-	$statementInviteCode->execute([$_REQUEST['code']]);
-
-	if($statementInviteCode->rowCount() == 0) {
-		die("INVALID INVITE CODE!");
-	}
-
 	$RUNTIME['REGISTER']['Name']	=	null;
 	$RUNTIME['REGISTER']['PASS']	=	null;
 	$RUNTIME['REGISTER']['EMAIL']	=	null;