Commit 9c9526cb authored by Leigh B. Stoller's avatar Leigh B. Stoller
Browse files

When requesting a CD Key, stash the initial unlock key away forever in

a new slot so that we remember it. The user needs to enter that key in
the local account request page. This is how we enforce some semblance
of security; the user has to know the IP of the node, and the CDKey.
Also works to weed out the bozos who like to fill in random web
forms.
parent c39b2cba
......@@ -176,8 +176,9 @@ $chunked = chunk_split($newkey, 4, " ");
$query_result =
DBQueryFatal("insert into widearea_privkeys ".
" (privkey, user_name, user_email, requested) ".
" values ('$newkey', '$user_name', '$user_email', now())");
" (privkey, lockkey, user_name, user_email, requested) ".
" values ('$newkey', '$newkey', '$user_name', ".
" '$user_email', now())");
TBMAIL("$user_name <$user_email>",
"Your CD key",
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment