🐛 Bug fix: errors on register (#186)

DB.sql

@@ -181,7 +181,7 @@ CREATE TABLE `system` (
 --
 
 INSERT INTO `system` (`status`, `version`, `news`, `maintenance`, `frozen`, `freezingtime`, `invites`, `shoutbox`, `discordlinking`, `discordlogging`, `relinkdiscord`, `cap_service`, `cap_key`, `cap_secret`, `embed_color`) VALUES
-(0, 1, 'Welcome to the panel made by anditv21!', 0, 0, 0, 1, 0, 1, 0, 1, 0, NULL, NULL, 'ff00dd');
+(0, 1, 'Welcome to the panel made by anditv21!', 0, 0, 0, 1, 0, 1, 0, 0, 0, NULL, NULL, 'ff00dd');
 
 -- --------------------------------------------------------
 

src/app/controllers/UserController.php

@@ -84,17 +84,15 @@ public function getresetdate($uid)
     }
 
 
-
     public function registerUser($data)
     {
         // Bind login data
         $username = trim($data["username"]);
         $password = $data["password"];
         $confirmPassword = $data["confirmPassword"];
-        $invCode = trim($data["invCode"]);
 
         // Empty error vars
-        $userError = $passError = "";
+        $userError = $passError = $invCodeError = "";
         $usernameValidation = '/^[a-zA-Z0-9]*$/';
 
         // Validate username on length and letters/numbers
@@ -121,15 +119,18 @@ public function registerUser($data)
             return $passError = "Password is too short.";
         }
 
-        // Validate confirmPassword on length
+        // Validate confirmPassword
         if (empty($confirmPassword)) {
-            return $passError = "Please enter a password.";
+            return $passError = "Please confirm your password.";
         } elseif ($password != $confirmPassword) {
             return $passError = "Passwords do not match, please try again.";
         }
 
-        if ($this->SystemData()->invites == true) {
-            // Validate invCode
+        // Check if invite system is enabled
+        if ($this->SystemData()->invites) {
+            // Only bind and validate invite code if invites are enabled
+            $invCode = trim($data["invCode"]);
+
             if (empty($invCode)) {
                 return $invCodeError = "Please enter an invite code.";
             } else {
@@ -140,22 +141,23 @@ public function registerUser($data)
                     return $invCodeError = "Invite code is invalid or already used.";
                 }
             }
+        } else {
+            // Set invCode to null if invites are disabled
+            $invCode = null;
         }
 
         // Check if all errors are empty
         if (
             empty($userError) &&
             empty($passError) &&
-            empty($invCodeError) &&
-            empty($userExistsError) &&
             empty($invCodeError)
         ) {
-            // Hashing the password
+            // Hash the password
             $hashedPassword = password_hash($password, PASSWORD_ARGON2I);
 
+            // Register the user
             $result = $this->register($username, $hashedPassword, $invCode);
 
-
             // Session start
             if ($result) {
                 $this->log($username, "Just registered", auth_logs);
@@ -166,6 +168,7 @@ public function registerUser($data)
         }
     }
 
+
     public function loginUser($data)
     {
         // Bind login data

src/app/models/UsersModel.php

@@ -292,14 +292,13 @@ protected function resetfails($username)
     // Register - Sends data to DB
     protected function register($username, $hashedPassword, $invCode)
     {
+        // Fetch system settings
         $this->prepare('SELECT * FROM `system`');
         $this->statement->execute();
         $result = $this->statement->fetch();
-        $inviter = 'System';
-
-
-        if ($result && $result->invites) {
+        $inviter = 'System'; // Default inviter is 'System'
 
+        if ($result && $result->invites && !empty($invCode)) {
             $this->prepare('SELECT `createdBy` FROM `invites` WHERE `code` = ?');
             $this->statement->execute([$invCode]);
             $row = $this->statement->fetch();
@@ -311,16 +310,20 @@ protected function register($username, $hashedPassword, $invCode)
 
         // Prepare an insert statement to add the user to the users table.
         $this->prepare('INSERT INTO `users` (`username`, `password`, `invitedBy`) VALUES (?, ?, ?)');
-
         if ($this->statement->execute([$username, $hashedPassword, $inviter])) {
-            $this->prepare('DELETE FROM `invites` WHERE `code` = ?');
-            return ($this->statement->execute([$invCode]));
-        } else {
 
+            // If invite system is enabled and there was an invite code, delete the invite code
+            if ($result && $result->invites && !empty($invCode)) {
+                $this->prepare('DELETE FROM `invites` WHERE `code` = ?');
+                return $this->statement->execute([$invCode]);
+            }
+            return true;
+        } else {
             return false;
         }
     }
 
+
     // Upddate user password
     protected function updatePass($currentPassword, $hashedPassword, $username)
     {
@@ -927,7 +930,7 @@ protected function getCurrentColor()
 
     protected function get_user_Browser()
     {
-        if(isset($_COOKIE['browser'])) {
+        if (isset($_COOKIE['browser'])) {
             $userBrowser = Util::securevar($_COOKIE['browser']);
 
             setcookie('browser', '', time() - 3600, '/');
@@ -990,5 +993,4 @@ protected function get_user_os()
         }
         return $os_platform;
     }
-
 }