T201704210903

Config.txt

@@ -24,7 +24,8 @@
 
 = rename.php =
 14101 - User name doesn't match rules
-14102 - User name already exists
+14102 - User ID not specified
+14103 - User name already exists
 
 = highscores.php =
 15101 - User ID not specified

Database.php

@@ -60,10 +60,11 @@ class Database
             case 14101:
                 return 'User name does not match rules. User name must be 6 to 20 characters and consist of English letters and numbers only.';
             case 11102:
-            case 14102:
+            case 14103:
                 return 'User name already exists. Please pick a different name.';
             case 12101:
             case 13101:
+            case 14102:
             case 15101:
                 return 'User ID not specified. This is an internal error.';
             case 12102:

rename.php

@@ -11,17 +11,17 @@ define('PATTERN', '/^[a-zA-Z0-9 ]{6,20}$/');
 $data = '';
 $error = 0;
 $name = isset($_GET['name']) ? $_GET['name'] : '';
-$uid = md5(uniqid(rand(), true));
+$uid = isset($_GET['uid']) ? $_GET['uid'] : '';
 $db = new Database();
 
 if(preg_match(PATTERN, $name) != 1) {
     $error = 14101;
-} else {
+} else if($uid = '') {
-    // Create user.
-    $db->query('UPDATE "Users" SET "name" = $1 WHERE "ID" = $2', array($name, $uid));
-    // Create error if user to create already exists.
-    if(preg_match('/violates unique constraint "Users_name_unique"/', pg_last_error()) == 1) {
     $error = 14102;
+} else {
+    $db->query('UPDATE "Users" SET "name" = $1 WHERE "ID" = $2', array($name, $uid));
+    if(preg_match('/violates unique constraint "Users_name_unique"/', pg_last_error()) == 1) {
+        $error = 14103;
     } else {
         $data = array('uid' => $uid, 'name' => $name);
     }