Reset verification numbers in session on each POST
This commit is contained in:
parent
0d1c3e63d8
commit
938dc4ea79
|
@ -84,17 +84,20 @@ class IndexController extends Controller {
|
|||
return $response->withHeader('Location', '/register');
|
||||
}
|
||||
|
||||
// Get the numbers from the session, and then reset them
|
||||
$numbers = array_map((function($i) { return intval($i); }), explode(',', $session->session_data['numbers']));
|
||||
$query_values = (array) $request->getParsedBody();
|
||||
unset($session->session_data['numbers']);
|
||||
|
||||
$form_values = (array) $request->getParsedBody();
|
||||
|
||||
// Check CSRF
|
||||
$csrf_token = null;
|
||||
if (array_key_exists('_csrf', $query_values)) $csrf_token = trim($query_values['_csrf']);
|
||||
$this->container->get('csrf')->check('csrf', $csrf_token);
|
||||
if (array_key_exists('_csrf', $form_values)) $csrf_token = trim($form_values['_csrf']);
|
||||
$this->container->get('csrf')->check('csrf', $csrf_token);
|
||||
|
||||
// Check the math question
|
||||
$given_sum = null;
|
||||
if (array_key_exists('verify', $query_values)) $given_sum = intval(trim($query_values['verify']));
|
||||
if (array_key_exists('verify', $form_values)) $given_sum = intval(trim($form_values['verify']));
|
||||
if ($given_sum != $numbers[0] + $numbers[1]) {
|
||||
return $this->requestGET($request, $response, array_merge($args, [
|
||||
'message' => 'The provided verification was incorrect.',
|
||||
|
@ -103,9 +106,9 @@ class IndexController extends Controller {
|
|||
|
||||
// We're good, send the notifications
|
||||
HookMachine::execute([self::class, 'sendAlert'], [
|
||||
$query_values['username'],
|
||||
$query_values['tilde'],
|
||||
$query_values['message'] ?? '[no message provided]',
|
||||
$form_values['username'],
|
||||
$form_values['tilde'],
|
||||
$form_values['message'] ?? '[no message provided]',
|
||||
]);
|
||||
|
||||
// And return a success message
|
||||
|
|
Loading…
Reference in New Issue