From ff6a7512d5bc4d06893e25e821ff6789ef398227 Mon Sep 17 00:00:00 2001 From: Daniel Friesel Date: Fri, 8 Mar 2019 18:52:12 +0100 Subject: do not allow multiple pending registrations for one mail --- index.pl | 38 ++++++++++++++++++++++++++++++++++++++ templates/register.html.ep | 2 +- 2 files changed, 39 insertions(+), 1 deletion(-) diff --git a/index.pl b/index.pl index 7b84c4a..84d6aec 100755 --- a/index.pl +++ b/index.pl @@ -234,6 +234,22 @@ app->attr( qq{select id from users where name = ?}); } ); +app->attr( + get_pending_mails_query => sub { + my ($self) = @_; + + return $self->app->dbh->prepare( + qq{select id from users where email = ? and status = 0;}); + } +); +app->attr( + get_listed_mails_query => sub { + my ($self) = @_; + + return $self->app->dbh->prepare( + qq{select * from pending_mails where email = ?;}); + } +); app->attr( get_user_query => sub { my ($self) = @_; @@ -661,6 +677,20 @@ helper 'check_if_user_name_exists' => sub { return 0; }; +helper 'check_if_mail_is_blacklisted' => sub { + my ( $self, $mail ) = @_; + + $self->app->get_pending_mails_query->execute($mail); + if ( @{ $self->app->get_pending_mails_query->fetchall_arrayref } ) { + return 1; + } + $self->app->get_listed_mails_query->execute($mail); + if ( @{ $self->app->get_listed_mails_query->fetchall_arrayref } ) { + return 1; + } + return 0; +}; + helper 'get_user_travels' => sub { my ( $self, $limit ) = @_; @@ -946,6 +976,11 @@ post '/register' => sub { return; } + if ( $self->check_if_mail_is_blacklisted($email) ) { + $self->render( 'register', invalid => 'mail_blacklisted' ); + return; + } + if ( $password ne $password2 ) { $self->render( 'register', invalid => 'password_notequal' ); return; @@ -958,6 +993,7 @@ post '/register' => sub { my $token = make_token(); my $pw_hash = hash_password($password); + $self->app->dbh->begin_work; my $user_id = $self->add_user( $user, $email, $token, $pw_hash ); my $body = "Hallo, ${user}!\n\n"; 
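Review bot: Both new statements in the first `index.pl` hunk compare the address with a plain `email = ?`, so whether `User@Example.org` and `user@example.org` count as the same mail depends on the column type or collation, which the diff does not show. If the comparison is case-sensitive, the one-pending-registration limit does not hold for addresses that differ only in case; normalising once, for example `$email = lc $email;` in the handler before both the lookup and `add_user`, would close that. Separately, `select *` in `get_listed_mails_query` fetches whole rows where only existence is tested; `select 1 from pending_mails where email = ?` says what is meant. The naming is also easy to misread: `get_pending_mails_query` reads `users`, while `get_listed_mails_query` reads the `pending_mails` table.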
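Review bot: The new helper `check_if_mail_is_blacklisted` has no comment, and its name hides that it returns 1 in two different cases: a row in `users` with `status = 0`, or any row in `pending_mails`. A header comment such as `# Returns 1 if $mail belongs to a users row with status = 0 or appears in pending_mails, else 0.` would make the contract clear to callers. What `status = 0` stands for is not visible in the hunk; going by the query name it presumably marks unconfirmed registrations, and the comment should say so once that is confirmed.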
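Review bot: The check added to `post '/register'` runs as its own lookup before the transaction that a later hunk opens with `begin_work`, so two requests for the same address arriving together can both find no pending row and both reach `add_user`. Unless the schema already enforces this (no constraint is visible in the diff), the guarantee in the commit subject needs a database-level rule, such as a unique constraint covering pending addresses, with the resulting insert failure mapped to the same `mail_blacklisted` response. This branch also gives an unauthenticated visitor a distinct answer for addresses that have a pending or listed entry; if that matters for the deployment, rate limiting on `/register` would bound probing. The handler starts and ends outside the hunk.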
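Review bot: Nothing between the `begin_work` added here and the `commit`/`rollback` added in the following hunk guards against an exception: if `add_user`, the mail construction or `try_to_sendmail` dies, the handler exits with the transaction still open on `$self->app->dbh`. That handle appears to be shared by the app, so a later `begin_work` would presumably fail or later writes would sit in the stale transaction; confirm against how `dbh` is created. Wrapping the section in `eval { ... }` and calling `rollback` when it fails would keep the handle clean. The transaction is also held open for the whole duration of the mail send, which deserves a comment if it is intended. The handler body continues outside the hunk.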
@@ -991,9 +1027,11 @@ post '/register' => sub { my $success = try_to_sendmail($reg_mail); if ($success) { + $self->app->dbh->commit; $self->render( 'login', from => 'register' ); } else { + $self->app->dbh->rollback; $self->render( 'register', invalid => 'sendmail' ); } }; diff --git a/templates/register.html.ep b/templates/register.html.ep index d1e189d..6a4a72d 100644 --- a/templates/register.html.ep +++ b/templates/register.html.ep @@ -37,7 +37,7 @@ % } % elsif ($invalid eq 'mail_blacklisted') { Mailadresse nicht nutzbar -

Mit der angegebenen E-Mail-Adresse können keine +

Mit der angegebenen E-Mail-Adresse können derzeit keine travelynx-Accounts registriert werden.

% } % elsif ($invalid eq 'sendmail') { -- cgit v1.2.3