hyzen/freedoms4-backend-public
1
0
Fork 0
mirror of https://github.com/hyzendust/freedoms4-backend-public.git synced 2026-06-30 23:12:18 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix: too many otp requests when deleting user and re-registering

Browse Source
This commit is contained in:
hyzen
2026-06-19 16:25:40 +02:00
parent 31c4356b1e
commit b99440ea75
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
admin.php
View File

@@ -139,7 +139,7 @@ if ($user_id === 0) {
$pdo = db_connect(); $pdo = db_connect();
// Prevent admin from acting on themselves // Prevent admin from acting on themselves
$stmt = $pdo->prepare('SELECT username FROM users WHERE id = :id LIMIT 1'); $stmt = $pdo->prepare('SELECT username, email FROM users WHERE id = :id LIMIT 1');
$stmt->execute([':id' => $user_id]); $stmt->execute([':id' => $user_id]);
$target = $stmt->fetch(); $target = $stmt->fetch();
if (!$target) { if (!$target) {
@@ -202,6 +202,12 @@ if ($action === 'delete_user') {
$pdo->prepare('DELETE FROM users WHERE id = :id') $pdo->prepare('DELETE FROM users WHERE id = :id')
->execute([':id' => $user_id]); ->execute([':id' => $user_id]);
// Clear OTP history for this email so re-signing-up doesn't hit the
// daily OTP request limit because of OTPs sent before deletion.
$pdo->prepare('DELETE FROM email_otps WHERE email = :e')
->execute([':e' => $target['email']]);
json_out(['success' => true]); json_out(['success' => true]);
} }