Reset verification numbers in session on each POST
parent
0d1c3e63d8
commit
938dc4ea79
|
@ -84,17 +84,20 @@ class IndexController extends Controller {
|
||||||
return $response->withHeader('Location', '/register');
|
return $response->withHeader('Location', '/register');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Get the numbers from the session, and then reset them
|
||||||
$numbers = array_map((function($i) { return intval($i); }), explode(',', $session->session_data['numbers']));
|
$numbers = array_map((function($i) { return intval($i); }), explode(',', $session->session_data['numbers']));
|
||||||
$query_values = (array) $request->getParsedBody();
|
unset($session->session_data['numbers']);
|
||||||
|
|
||||||
|
$form_values = (array) $request->getParsedBody();
|
||||||
|
|
||||||
// Check CSRF
|
// Check CSRF
|
||||||
$csrf_token = null;
|
$csrf_token = null;
|
||||||
if (array_key_exists('_csrf', $query_values)) $csrf_token = trim($query_values['_csrf']);
|
if (array_key_exists('_csrf', $form_values)) $csrf_token = trim($form_values['_csrf']);
|
||||||
$this->container->get('csrf')->check('csrf', $csrf_token);
|
$this->container->get('csrf')->check('csrf', $csrf_token);
|
||||||
|
|
||||||
// Check the math question
|
// Check the math question
|
||||||
$given_sum = null;
|
$given_sum = null;
|
||||||
if (array_key_exists('verify', $query_values)) $given_sum = intval(trim($query_values['verify']));
|
if (array_key_exists('verify', $form_values)) $given_sum = intval(trim($form_values['verify']));
|
||||||
if ($given_sum != $numbers[0] + $numbers[1]) {
|
if ($given_sum != $numbers[0] + $numbers[1]) {
|
||||||
return $this->requestGET($request, $response, array_merge($args, [
|
return $this->requestGET($request, $response, array_merge($args, [
|
||||||
'message' => 'The provided verification was incorrect.',
|
'message' => 'The provided verification was incorrect.',
|
||||||
|
@ -103,9 +106,9 @@ class IndexController extends Controller {
|
||||||
|
|
||||||
// We're good, send the notifications
|
// We're good, send the notifications
|
||||||
HookMachine::execute([self::class, 'sendAlert'], [
|
HookMachine::execute([self::class, 'sendAlert'], [
|
||||||
$query_values['username'],
|
$form_values['username'],
|
||||||
$query_values['tilde'],
|
$form_values['tilde'],
|
||||||
$query_values['message'] ?? '[no message provided]',
|
$form_values['message'] ?? '[no message provided]',
|
||||||
]);
|
]);
|
||||||
|
|
||||||
// And return a success message
|
// And return a success message
|
||||||
|
|
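Review bot: The math check in the first hunk still passes when the session holds no `numbers` entry, which this commit makes the normal state after every POST. With the key missing, `explode` yields a single empty element, `$numbers[0] + $numbers[1]` evaluates to 0 with an undefined-index warning, and the loose `!=` treats a null or 0 `$given_sum` as equal. Read the value as `$session->session_data['numbers'] ?? ''` and fail closed before comparing, for example `if (count($numbers) !== 2 || $given_sum === null || $given_sum !== $numbers[0] + $numbers[1]) {`. Whether a second POST can get this far depends on the CSRF check and on `requestGET` regenerating the numbers, neither of which is visible here, and it is worth confirming that the `unset` on `$session->session_data` is actually persisted. The enclosing method starts and ends outside both hunks.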