aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--mod/zregister.php37
-rw-r--r--view/tpl/zregister.tpl5
2 files changed, 20 insertions, 22 deletions
diff --git a/mod/zregister.php b/mod/zregister.php
index 0ce6b90ef..6478c7c9a 100644
--- a/mod/zregister.php
+++ b/mod/zregister.php
@@ -5,21 +5,23 @@ require_once('include/account.php');
function zregister_init(&$a) {
$a->page['template'] = 'full';
+ $result = null;
$cmd = ((argc() > 1) ? argv(1) : '');
-
- if($cmd === 'invite_check.json') {
- $result = check_account_invite($_REQUEST['invite_code']);
- json_return_and_die($result);
- }
-
- if($cmd === 'email_check.json') {
- $result = check_account_email($_REQUEST['email']);
- json_return_and_die($result);
+ switch($cmd) {
+ case 'invite_check.json':
+ $result = check_account_invite($_REQUEST['invite_code']);
+ break;
+ case 'email_check.json':
+ $result = check_account_email($_REQUEST['email']);
+ break;
+ case 'password_check.json':
+ $result = check_account_password($_REQUEST['password']);
+ break;
+ default:
+ break;
}
-
- if($cmd === 'password_check.json') {
- $result = check_account_password($_REQUEST['password']);
+ if($result) {
json_return_and_die($result);
}
}
@@ -218,11 +220,10 @@ function zregister_content(&$a) {
$enable_tos = 1 - intval(get_config('system','no_termsofservice'));
- $email = ((x($_REQUEST,'email')) ? $_REQUEST['email'] : "" );
- $password = ((x($_REQUEST,'password')) ? $_REQUEST['password'] : "" );
- $password2 = ((x($_REQUEST,'password2')) ? $_REQUEST['password2'] : "" );
- $invite_code = ((x($_REQUEST,'invite_code')) ? $_REQUEST['invite_code'] : "" );
-
+ $email = ((x($_REQUEST,'email')) ? strip_tags(trim($_REQUEST['email'])) : "" );
+ $password = ((x($_REQUEST,'password')) ? trim($_REQUEST['password']) : "" );
+ $password2 = ((x($_REQUEST,'password2')) ? trim($_REQUEST['password2']) : "" );
+ $invite_code = ((x($_REQUEST,'invite_code')) ? strip_tags(trim($_REQUEST['invite_code'])) : "" );
$o = replace_macros(get_markup_template('zregister.tpl'), array(
@@ -232,7 +233,7 @@ function zregister_content(&$a) {
'$invitations' => get_config('system','invitation_only'),
'$invite_desc' => t('Membership on this site is by invitation only.'),
'$label_invite' => t('Please enter your invitation code'),
- '$invite_id' => $invite_id,
+ '$invite_code' => $invite_code,
'$label_email' => t('Your email address'),
'$label_pass1' => t('Choose a password'),
diff --git a/view/tpl/zregister.tpl b/view/tpl/zregister.tpl
index d888052b0..3a2c38a13 100644
--- a/view/tpl/zregister.tpl
+++ b/view/tpl/zregister.tpl
@@ -10,14 +10,11 @@
<p id="register-invite-desc">$invite_desc</p>
<label for="zregister-invite" id="label-zregister-invite" class="zregister-label">$label_invite</label>
- <input type="text" maxlength="72" size="32" name="invite_id" id="zregister-invite" class="zregister-input" value="$invite_id" />
- </div>
+ <input type="text" maxlength="72" size="32" name="invite_code" id="zregister-invite" class="zregister-input" value="$invite_code" />
<div id="zregister-invite-feedback" class="zregister-feedback"></div>
<div id="zregister-invite-end" class="zregister-field-end"></div>
-
{{ endif }}
-
<label for="zregister-email" id="label-zregister-email" class="zregister-label" >$label_email</label>
<input type="text" maxlength="72" size="32" name="email" id="zregister-email" class="zregister-input" value="$email" />
<div id="zregister-email-feedback" class="zregister-feedback"></div>