diff options
| -rw-r--r-- | activate.php | 8 | ||||
| -rw-r--r-- | login.php | 1 | ||||
| -rw-r--r-- | register.php | 2 |
3 files changed, 9 insertions, 2 deletions
diff --git a/activate.php b/activate.php index 4aeb00da..8508b2c9 100644 --- a/activate.php +++ b/activate.php @@ -22,7 +22,7 @@ $no_session = true; require_once( "modules/init.php" ); -if(conf('demo_mode')) { +if(!conf('allow_public_registration') || conf('demo_mode')) { access_denied(); } @@ -42,6 +42,12 @@ if (!$val1){ echo "</body></html>"; break; } +if ($val1 != $validation) { + $GLOBALS['error']->add_error('validation_failed',_("The validation key used isn't correct.")); + $GLOBALS['error']->print_error('validation_failed'); + echo "</body></html>"; + break; + } $activate = $GLOBALS['user']->activate_user($username); show_confirmation('User activated','This User ID is activated and can be used','/login.php'); echo "</body></html>"; @@ -80,6 +80,7 @@ if ( ($auth['success'] == 1)) { !strstr($_POST['referrer'],"install.php") AND !strstr($_POST['referrer'],"login.php") AND !strstr($_POST['referrer'],"update.php") AND + !strstr($_POST['referrer'],"activate.php") AND !strstr($_POST['referrer'],"admin")) { header("Location: " . $_POST['referrer']); diff --git a/register.php b/register.php index 1034312d..027dc991 100644 --- a/register.php +++ b/register.php @@ -39,7 +39,7 @@ require ("modules/validatemail/validateEmail.php"); /* Check Perms */ -if (!conf('allow_public_registration')) { +if (!conf('allow_public_registration') || conf('demo_mode')) { access_denied(); } |