Rooba
/
boinc
mirror of https://github.com/BOINC/boinc.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Bug fixes (thanks to Jens Seidler): set cross project id (CPID) to random value 

when creating user account from Administrator form, and lower_case email address
before inserting into database.

svn path=/trunk/boinc/; revision=4593
This commit is contained in:
Bruce Allen 2004-11-18 09:59:22 +00:00
parent f53d9dcd17
commit 512fcfc3de
2 changed files with 20 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
checkin_notes
View File

@ -19680,6 +19680,16 @@ David 17 Nov 2004
Thanks to Bruce Allen for suggesting this!!!! Thanks to Bruce Allen for suggesting this!!!!
[Note inserted by Bruce the next day. ANSI-C 4.6.2.1 says: The
longjmp function ... The longjmp function should not be called in
an exit handler (i.e., a function registered with the atexit
function (see §4.10.4.2)), since it might jump to some code which
is no longer in scope. This should be OK on OSes that delay image
teardown until after calling the handler functions, provided that
the routine calling exit() has cleaned up its memory. An
alternative might be to use dlopen() or the loader to replace the
calls to exit() with a BOINC routine.]
api/ api/
gutil.C gutil.C
x_opengl.C x_opengl.C
@ -19761,3 +19771,9 @@ Rom 17 Nov 2004
api/ api/
windows_opengl.C windows_opengl.C
Bruce 18 Nov 2004
- Bug fixes (thanks to Jens Seidler): set cross project id (CPID) to random value
when creating user account from Administrator form, and lower_case email address
before inserting into database.
html/ops/create_account_action.php

6
html/ops/create_account_action.php
View File

@ -4,6 +4,7 @@
db_init(); db_init();
$email_addr = trim($_GET["email_addr"]); $email_addr = trim($_GET["email_addr"]);
$email_addr = strtolower($email_addr);
// see if email address is taken // see if email address is taken
$query = "select * from user where email_addr='$email_addr'"; $query = "select * from user where email_addr='$email_addr'";
@ -16,8 +17,9 @@
$authenticator = random_string(); $authenticator = random_string();
$munged_email_addr = munge_email_addr($email_addr, $authenticator); $munged_email_addr = munge_email_addr($email_addr, $authenticator);
$user_name = $_GET["user_name"]; $user_name = $_GET["user_name"];
$cross_project_id=random_string();
$t = time(); $t = time();
$query = "insert into user (create_time, email_addr, name, authenticator) values ($t, '$munged_email_addr', '$user_name', '$authenticator')"; $query = "insert into user (create_time, email_addr, name, authenticator, cross_project_id) values ($t, '$munged_email_addr', '$user_name', '$authenticator', '$cross_project_id')";
$result = mysql_query($query); $result = mysql_query($query);
if (!$result) { if (!$result) {
echo "couldn't create account:".mysql_error(); echo "couldn't create account:".mysql_error();
@ -32,7 +34,7 @@
".PROJECT." URL: ".MASTER_URL." ".PROJECT." URL: ".MASTER_URL."
Your account key: $authenticator\n Your account ID: $authenticator\n
Please save this email. Please save this email.
You will need your account key to log in to the ".PROJECT." web site. You will need your account key to log in to the ".PROJECT." web site.