summaryrefslogtreecommitdiff
path: root/web
diff options
context:
space:
mode:
authorLukas Fleischer <archlinux@cryptocrack.de>2013-03-19 13:44:08 +0100
committerLukas Fleischer <archlinux@cryptocrack.de>2013-03-19 14:03:34 +0100
commitf1a4b508e57879e2c17feded54f0d1b82ae54d2b (patch)
treed5ae86e8d3c4aede2cb62061f8155f99f70c33d1 /web
parent97dd4b0f4de69e63e7924ba9ecb726b3c07008f4 (diff)
Enforce e-mail validation during registration
Remove the password field from the account creation form and always send a password reset request via e-mail instead. This ensures that only users with valid e-mail addresses are able to login. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web')
-rw-r--r--web/html/account.php4
-rw-r--r--web/template/account_edit_form.php4
2 files changed, 4 insertions, 4 deletions
diff --git a/web/html/account.php b/web/html/account.php
index f15a10a..50d376f 100644
--- a/web/html/account.php
+++ b/web/html/account.php
@@ -105,8 +105,8 @@ if (isset($_COOKIE["AURSID"])) {
#
process_account_form("","new", "NewAccount",
in_request("U"), 1, 0, in_request("E"),
- in_request("P"), in_request("C"), in_request("R"),
- in_request("L"), in_request("I"), in_request("K"));
+ '', '', in_request("R"), in_request("L"),
+ in_request("I"), in_request("K"));
} else {
# display the account request form
diff --git a/web/template/account_edit_form.php b/web/template/account_edit_form.php
index a41b34c..a0de2a3 100644
--- a/web/template/account_edit_form.php
+++ b/web/template/account_edit_form.php
@@ -60,17 +60,17 @@
<input type="text" size="30" maxlength="64" name="E" id="id_email" value="<?= htmlspecialchars($E,ENT_QUOTES) ?>" /> (<?= __("required") ?>)
</p>
+ <?php if ($A == "UpdateAccount"): ?>
<p>
<label for="id_passwd1"><?= __("Password") ?>:</label>
<input type="password" size="30" name="P" id="id_passwd1" value="<?= $P ?>" />
- <?php if ($A != "UpdateAccount"): print " (".__("required").")"; endif; ?>
</p>
<p>
<label for="id_passwd2"><?= __("Re-type password") ?>:</label>
<input type="password" size="30" name="C" id="id_passwd2" value="<?= $C ?>" />
- <?php if ($A != "UpdateAccount"): print " (".__("required").")"; endif; ?>
</p>
+ <?php endif; ?>
<p>
<label for="id_realname"><?= __("Real Name") ?>:</label>