修复逻辑漏洞

2023-05-26 23:15:33 +08:00 · 2023-05-26 23:15:33 +08:00 · 8574981ee4
commit 8574981ee4
parent 25b497c50c
1 changed files with 18 additions and 12 deletions
--- a/public/api/auth/registerCheck/index.php
+++ b/public/api/auth/registerCheck/index.php
@ -41,30 +41,36 @@
                    $AResult_Code = Sql::SELECT("SELECT * FROM `index`.`xf_email_verify` WHERE `code`='{$GetData['code']}'");
                    // check sql data not empty
                    if ($AResult_Code['output'] = "Success") {
-                        if ($_COOKIE['user'] == $AResult_Code['data']->uid) {
+                        // check this verify code have effective
-                            // update this user info in sql (update xf_user.email_verify)
+                        if ($AResult_Code['data']->time + $Array_ConfigData['Mail']['ExpDate'] > time()) {
-                            if (Sql::UPDATE("UPDATE `index`.xf_user SET `email_verify`=1 WHERE `uid`='{$_COOKIE['user']}'")) {
+                            if ($_COOKIE['user'] == $AResult_Code['data']->uid) {
-                                // delete the email_verify
+                                // update this user info in sql (update xf_user.email_verify)
-                                if (Sql::DELETE("DELETE FROM `index`.xf_email_verify WHERE `id`='{$AResult_Code['data']->id}'")) {
+                                if (Sql::UPDATE("UPDATE `index`.xf_user SET `email_verify`=1 WHERE `uid`='{$_COOKIE['user']}'")) {
-                                    Normal::Output(200);
+                                    // delete the email_verify
                                    if (Sql::DELETE("DELETE FROM `index`.xf_email_verify WHERE `id`='{$AResult_Code['data']->id}'")) {
                                        Normal::Output(200);
                                    } else {
                                        Normal::Output(303);
                                    }
                                } else {
-                                    Normal::Output(303);
+                                    Normal::Output(302);
                                }
                            } else {
-                                Normal::Output(302);
+                                Normal::CustomOutput("codeNotYour", 403, "这个验证码不是你");
                            }
                        } else {
-                            Normal::CustomOutput("CodeNotYour", 403, "这个验证码不是你");
+                            Sql::DELETE("DELETE FROM `index`.xf_email_verify WHERE `id`='{$AResult_Code['data']->id}'");
                            Normal::CustomOutput("codeIsDisEffective", 403, "验证码已过期");
                        }
                    } else {
                        // SqlSelectFail__CodeEmpty
-                        Normal::Output(301, null, "CodeEmpty");
+                        Normal::Output(301, null, "codeEmpty");
                    }
                } else {
-                    Normal::CustomOutput("CodeFormat", 403, "激活码格式错误");
+                    Normal::CustomOutput("codeFormat", 403, "激活码格式错误");
                }
            } else {
-                Normal::CustomOutput("NoCode", 403, "请提供激活码");
+                Normal::CustomOutput("noCode", 403, "请提供激活码");
            }
        } else {
            // userFormat