Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes for three issues #33

Merged
merged 3 commits into from
Feb 19, 2020
Merged

Fixes for three issues #33

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
e1b8d31
Fix for issue #26
dpi209 Feb 18, 2020
7be1947
Fix for issue #29
dpi209 Feb 18, 2020
5c6c5c9
Temporary fix for #27
dpi209 Feb 18, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions apps.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@

if (!$user) {
header("Location: $BASE_URL");
exit();
}

/* ----------------------------------------------------------------------
Expand All @@ -33,6 +34,7 @@
if (!isset($_GET) || !isset($_GET['app']) || !is_dir(realpath($BASE_DIR . 'csb-apps/' . $_GET['app']))) {
// TODO this could probably redirect to a 404 page
header("Location: $BASE_URL");
exit();
}

$app = $_GET['app'];
Expand Down
10 changes: 6 additions & 4 deletions csb-accounts/auth-login.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,12 +58,14 @@
if(!empty($error)) {
$_SESSION['errMsg'] = "Error:" . $error;
header("Location: " . $ACC_URL . "register.php");
exit();
}
// No errors? Kill the error
else {
regUser($db, $_POST, $hashed);
// Send the newly registered user off to the main page instead of presenting a blank page.
header("Location: " . $BASE_URL);
exit();
}

/* Rescuing a Password ---------------------------------------------- */
Expand All @@ -83,13 +85,14 @@
} else {
$_SESSION['errMsg'] = "No username or email matched: $name";
header("Location: " . $ACC_URL."/rescue.php");
exit();
}
} elseif ($_POST['go'] == 'passwordReset') {
$hashed = password_hash($_POST['password'], PASSWORD_DEFAULT);
$query = "UPDATE users SET password ='".$hashed."' WHERE email = '".$_POST['email']."'";
$db->runQuery($query);
header("Location: " . $ACC_URL."/rescue.php?go=success");

exit();
} else { // Javascript checks should prevent this from happening
die("You don't belong here. Run away. Run away from the error.");
}
Expand Down Expand Up @@ -182,7 +185,7 @@ function login($db, $user)

// Send them where they belong
header("Location: " . $user['referringURL']);

exit();
}

/**
Expand Down Expand Up @@ -325,8 +328,7 @@ function rescueUser ($db, $using, $value) {
// Everything worked so remove error msg
unset($_SESSION['errMsg']);
header("Location: ".$ACC_URL."rescue.php?go=submitted");


exit();
}

?>
Loading