From 724894316a76b67c3d7bdb8f1c8c811d59393a18 Mon Sep 17 00:00:00 2001 From: Igor Scheller Date: Sun, 29 May 2022 12:29:34 +0200 Subject: [PATCH] Add transaction around user creation to safeguard against partially created users --- includes/pages/guest_login.php | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php index 6cb38fdb..afa7ea9d 100644 --- a/includes/pages/guest_login.php +++ b/includes/pages/guest_login.php @@ -1,6 +1,7 @@ getConnection(); $is_oauth = $session->has('oauth2_connect_provider'); $msg = ''; @@ -211,6 +215,9 @@ function guest_register() } if ($valid) { + // Safeguard against partially created user data + $db->beginTransaction(); + $user = new User([ 'name' => $nick, 'password' => $password_hash, @@ -295,6 +302,9 @@ function guest_register() $user_angel_types_info[] = $angel_types[$selected_angel_type_id]; } + // Commit complete user data + $db->commit(); + engelsystem_log( 'User ' . User_Nick_render($user, true) . ' signed up as: ' . join(', ', $user_angel_types_info)