From 030797c08119e13da7087b1057006e73ffd838c3 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 16 Aug 2006 17:25:19 +0000 Subject: [PATCH] bug #163 --- includes/account.php | 37 +++++++++++++++++++++++++++++++++++++ www/index.php | 36 ++++++++++++++++++++++++++++++++++++ 2 files changed, 73 insertions(+) diff --git a/includes/account.php b/includes/account.php index 2828e4f..b6b27ae 100644 --- a/includes/account.php +++ b/includes/account.php @@ -928,6 +928,43 @@ $_SESSION['_config']['user']['A4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A4'])))); $_SESSION['_config']['user']['A5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A5'])))); + if($_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q2'] || + $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q3'] || + $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q4'] || + $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q5'] || + $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q3'] || + $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q4'] || + $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q5'] || + $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q4'] || + $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q5'] || + $_SESSION['_config']['user']['Q4'] == $_SESSION['_config']['user']['Q5'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q1'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q2'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q3'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q4'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q5'] || + $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q3'] || + $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q4'] || + $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q5'] || + $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q4'] || + $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q5'] || + $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['Q5'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A2'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A3'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A4'] || + $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A5'] || + $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A3'] || + $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A4'] || + $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A5'] || + $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A4'] || + $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A5'] || + $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['A5']) + { + $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."
\n"; + $id = $oldid; + unset($oldid); + } + if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" || $_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" || $_SESSION['_config']['user']['Q5'] == "") diff --git a/www/index.php b/www/index.php index 4e815a5..a8b6344 100644 --- a/www/index.php +++ b/www/index.php @@ -263,6 +263,42 @@ $_SESSION['signup']['regional'] = intval($_REQUEST['regional']); $_SESSION['signup']['radius'] = intval($_REQUEST['radius']); + if($_SESSION['signup']['Q1'] == $_SESSION['signup']['Q2'] || + $_SESSION['signup']['Q1'] == $_SESSION['signup']['Q3'] || + $_SESSION['signup']['Q1'] == $_SESSION['signup']['Q4'] || + $_SESSION['signup']['Q1'] == $_SESSION['signup']['Q5'] || + $_SESSION['signup']['Q2'] == $_SESSION['signup']['Q3'] || + $_SESSION['signup']['Q2'] == $_SESSION['signup']['Q4'] || + $_SESSION['signup']['Q2'] == $_SESSION['signup']['Q5'] || + $_SESSION['signup']['Q3'] == $_SESSION['signup']['Q4'] || + $_SESSION['signup']['Q3'] == $_SESSION['signup']['Q5'] || + $_SESSION['signup']['Q4'] == $_SESSION['signup']['Q5'] || + $_SESSION['signup']['A1'] == $_SESSION['signup']['Q1'] || + $_SESSION['signup']['A1'] == $_SESSION['signup']['Q2'] || + $_SESSION['signup']['A1'] == $_SESSION['signup']['Q3'] || + $_SESSION['signup']['A1'] == $_SESSION['signup']['Q4'] || + $_SESSION['signup']['A1'] == $_SESSION['signup']['Q5'] || + $_SESSION['signup']['A2'] == $_SESSION['signup']['Q3'] || + $_SESSION['signup']['A2'] == $_SESSION['signup']['Q4'] || + $_SESSION['signup']['A2'] == $_SESSION['signup']['Q5'] || + $_SESSION['signup']['A3'] == $_SESSION['signup']['Q4'] || + $_SESSION['signup']['A3'] == $_SESSION['signup']['Q5'] || + $_SESSION['signup']['A4'] == $_SESSION['signup']['Q5'] || + $_SESSION['signup']['A1'] == $_SESSION['signup']['A2'] || + $_SESSION['signup']['A1'] == $_SESSION['signup']['A3'] || + $_SESSION['signup']['A1'] == $_SESSION['signup']['A4'] || + $_SESSION['signup']['A1'] == $_SESSION['signup']['A5'] || + $_SESSION['signup']['A2'] == $_SESSION['signup']['A3'] || + $_SESSION['signup']['A2'] == $_SESSION['signup']['A4'] || + $_SESSION['signup']['A2'] == $_SESSION['signup']['A5'] || + $_SESSION['signup']['A3'] == $_SESSION['signup']['A4'] || + $_SESSION['signup']['A3'] == $_SESSION['signup']['A5'] || + $_SESSION['signup']['A4'] == $_SESSION['signup']['A5']) + { + $id = 1; + $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."
\n"; + } + if($_SESSION['signup']['Q1'] == "" || $_SESSION['signup']['Q2'] == "" || $_SESSION['signup']['Q3'] == "" || $_SESSION['signup']['Q4'] == "" || $_SESSION['signup']['Q5'] == "")