From 6bfac1a9076b25c5c1cd9467e9051544f40d512e Mon Sep 17 00:00:00 2001
From: Keenan Pepper <keenan.pepper@salesforce.com>
Date: Wed, 27 May 2020 13:52:38 -0700
Subject: Fix bug allowing invite codes to be reused unlimited times

The invite codes aren't deleted from the DB because of a malformed query.
---
 Zotlabs/Module/Register.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'Zotlabs/Module/Register.php')

diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php
index bc813f8e1..278cf15ca 100644
--- a/Zotlabs/Module/Register.php
+++ b/Zotlabs/Module/Register.php
@@ -118,7 +118,7 @@ class Register extends Controller {
 		$invite_code   = ((x($_POST,'invite_code'))  ? notags(trim($_POST['invite_code']))  : '');
 	
 		if($using_invites && $invite_code) {
-			q("delete * from register where hash = '%s'", dbesc($invite_code));
+			q("delete from register where hash = '%s'", dbesc($invite_code));
 			// @FIXME - this also needs to be considered when using 'invites_remaining' in mod/invite.php
 			set_aconfig($result['account']['account_id'],'system','invites_remaining',$num_invites);
 		}
-- 
cgit v1.2.3