diff options
author | Daniel Friesel <derf@finalrewind.org> | 2019-03-08 18:52:12 +0100 |
---|---|---|
committer | Daniel Friesel <derf@finalrewind.org> | 2019-03-08 18:52:12 +0100 |
commit | ff6a7512d5bc4d06893e25e821ff6789ef398227 (patch) | |
tree | 31cd82a39f17a7d31c79600657deb7b90b0256f1 | |
parent | bee0930d1b8f5b14ec6050737c79834b4a9cbd77 (diff) |
do not allow multiple pending registrations for one mail0.05
-rwxr-xr-x | index.pl | 38 | ||||
-rw-r--r-- | templates/register.html.ep | 2 |
2 files changed, 39 insertions, 1 deletions
@@ -235,6 +235,22 @@ app->attr( } ); app->attr( + get_pending_mails_query => sub { + my ($self) = @_; + + return $self->app->dbh->prepare( + qq{select id from users where email = ? and status = 0;}); + } +); +app->attr( + get_listed_mails_query => sub { + my ($self) = @_; + + return $self->app->dbh->prepare( + qq{select * from pending_mails where email = ?;}); + } +); +app->attr( get_user_query => sub { my ($self) = @_; @@ -661,6 +677,20 @@ helper 'check_if_user_name_exists' => sub { return 0; }; +helper 'check_if_mail_is_blacklisted' => sub { + my ( $self, $mail ) = @_; + + $self->app->get_pending_mails_query->execute($mail); + if ( @{ $self->app->get_pending_mails_query->fetchall_arrayref } ) { + return 1; + } + $self->app->get_listed_mails_query->execute($mail); + if ( @{ $self->app->get_listed_mails_query->fetchall_arrayref } ) { + return 1; + } + return 0; +}; + helper 'get_user_travels' => sub { my ( $self, $limit ) = @_; @@ -946,6 +976,11 @@ post '/register' => sub { return; } + if ( $self->check_if_mail_is_blacklisted($email) ) { + $self->render( 'register', invalid => 'mail_blacklisted' ); + return; + } + if ( $password ne $password2 ) { $self->render( 'register', invalid => 'password_notequal' ); return; @@ -958,6 +993,7 @@ post '/register' => sub { my $token = make_token(); my $pw_hash = hash_password($password); + $self->app->dbh->begin_work; my $user_id = $self->add_user( $user, $email, $token, $pw_hash ); my $body = "Hallo, ${user}!\n\n"; @@ -991,9 +1027,11 @@ post '/register' => sub { my $success = try_to_sendmail($reg_mail); if ($success) { + $self->app->dbh->commit; $self->render( 'login', from => 'register' ); } else { + $self->app->dbh->rollback; $self->render( 'register', invalid => 'sendmail' ); } }; diff --git a/templates/register.html.ep b/templates/register.html.ep index d1e189d..6a4a72d 100644 --- a/templates/register.html.ep +++ b/templates/register.html.ep @@ -37,7 +37,7 @@ % } % elsif ($invalid eq 'mail_blacklisted') { <span class="card-title">Mailadresse nicht nutzbar</span> - <p>Mit der angegebenen E-Mail-Adresse können keine + <p>Mit der angegebenen E-Mail-Adresse können derzeit keine travelynx-Accounts registriert werden.</p> % } % elsif ($invalid eq 'sendmail') { |