Enforce e-mail validation during registration

Remove the password field from the account creation form and always send a password reset request via e-mail instead. This ensures that only users with valid e-mail addresses are able to login. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2025-02-03 10:43:03 +01:00 · 2013-03-19 13:44:08 +01:00 · 2013-03-19 13:44:08 +01:00 · f1a4b508e5
commit f1a4b508e5
parent 97dd4b0f4d
2 changed files with 4 additions and 4 deletions
--- a/web/html/account.php
+++ b/web/html/account.php
@ -105,8 +105,8 @@ if (isset($_COOKIE["AURSID"])) {
 		#
 		process_account_form("","new", "NewAccount",
 				in_request("U"), 1, 0, in_request("E"),
-				in_request("P"), in_request("C"), in_request("R"),
-				in_request("L"), in_request("I"), in_request("K"));
+				'', '', in_request("R"), in_request("L"),
+				in_request("I"), in_request("K"));

 	} else {
 		# display the account request form
--- a/web/template/account_edit_form.php
+++ b/web/template/account_edit_form.php
@ -60,17 +60,17 @@
 			<input type="text" size="30" maxlength="64" name="E" id="id_email" value="<?= htmlspecialchars($E,ENT_QUOTES) ?>" /> (<?= __("required") ?>)
 		</p>

+		<?php if ($A == "UpdateAccount"): ?>
 		<p>
 			<label for="id_passwd1"><?= __("Password") ?>:</label>
 			<input type="password" size="30" name="P" id="id_passwd1" value="<?= $P ?>" />
-			<?php if ($A != "UpdateAccount"): print " (".__("required").")"; endif; ?>
 		</p>

 		<p>
 			<label for="id_passwd2"><?= __("Re-type password") ?>:</label>
 			<input type="password" size="30" name="C" id="id_passwd2" value="<?= $C ?>" />
-			<?php if ($A != "UpdateAccount"): print " (".__("required").")"; endif; ?>
 		</p>
+		<?php endif; ?>

 		<p>
 			<label for="id_realname"><?= __("Real Name") ?>:</label>