Commit 9c9526cb authored by Leigh B. Stoller's avatar Leigh B. Stoller
Browse files

When requesting a CD Key, stash the initial unlock key away forever in

a new slot so that we remember it. The user needs to enter that key in
the local account request page. This is how we enforce some semblance
of security; the user has to know the IP of the node, and the CDKey.
Also works to weed out the bozos who like to fill in random web
parent c39b2cba
...@@ -176,8 +176,9 @@ $chunked = chunk_split($newkey, 4, " "); ...@@ -176,8 +176,9 @@ $chunked = chunk_split($newkey, 4, " ");
$query_result = $query_result =
DBQueryFatal("insert into widearea_privkeys ". DBQueryFatal("insert into widearea_privkeys ".
" (privkey, user_name, user_email, requested) ". " (privkey, lockkey, user_name, user_email, requested) ".
" values ('$newkey', '$user_name', '$user_email', now())"); " values ('$newkey', '$newkey', '$user_name', ".
" '$user_email', now())");
TBMAIL("$user_name <$user_email>", TBMAIL("$user_name <$user_email>",
"Your CD key", "Your CD key",
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment