bug 1136: Fix things that got lost in a merge some time ago bug-1136
authorMichael Tänzer <neo@nhng.de>
Tue, 6 Aug 2013 21:37:47 +0000 (23:37 +0200)
committerMichael Tänzer <neo@nhng.de>
Tue, 6 Aug 2013 21:58:15 +0000 (23:58 +0200)
Signed-off-by: Michael Tänzer <neo@nhng.de>
includes/notary.inc.php

index 5fd64f1..8266b55 100644 (file)
        // called from includes/account.php if($process != "" && $oldid == 1)
        // called from includes/account.php     if($oldid == 50 && $process != "")
                $email = mysql_real_escape_string($email);
-               $query = "select * from `email` where `email`='$email' and `deleted`=0";
+               $query = "select 1 from `email` where `email`='$email' and `deleted`=0";
                $res = mysql_query($query);
                return mysql_num_rows($res) > 0;
        }
                // called from includes/account.php     if($oldid == 50 && $process != "")
                $uid = intval($uid);
                if (0==$cca) {
-                       $query = "select * from `gpg` where `memid`='$uid' and `expire`>NOW()";
+                       $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>NOW()";
                }else{
-                       $query = "select * from `gpg` where `memid`='$uid' and `expire`>NOW()+90*86400";
+                       $query = "select 1 from `gpg` where `memid`='$uid' and `expire`>(NOW()-90*86400)";
                }
                $res = mysql_query($query);
                return mysql_num_rows($res) > 0;
        function check_is_orgadmin($uid){
                // called from includes/account.php     if($oldid == 50 && $process != "")
                $uid = intval($uid);
-               $query = "select * from `org` where `memid`='$uid' and `deleted`=0";
+               $query = "select 1 from `org` where `memid`='$uid' and `deleted`=0";
                $res = mysql_query($query);
                return mysql_num_rows($res) > 0;
        }