X-Git-Url: https://git.treefish.org/banana.git/blobdiff_plain/17d5ad30f747658451fae84fe65cb1f5b66d377c..288a7087acaeb011fe8bb828d8d081be2a7fc12e:/register.php

diff --git a/register.php b/register.php
index 13e2aab..e63872b 100644
--- a/register.php
+++ b/register.php
@@ -1,6 +1,8 @@
 <?php
 require 'include/head.inc';
 require 'include/prefs.inc';
+require 'include/common.inc';
+
 
 if(isset($_POST['submit']) && $_POST['firstname']!="" && $_POST['lastname']!="" 
 			   && $_POST['mnumber']!="" && $_POST['email']!="" && $_POST['password']!="")
@@ -11,6 +13,11 @@ if(isset($_POST['submit']) && $_POST['firstname']!="" && $_POST['lastname']!=""
   $email = $_POST['email'];
   $password = $_POST['password'];
 
+  if( ! is_numeric($mnumber) ) {
+    block("red", "Mat.nummer has to be numeric!");
+    exit;
+  }
+
   require 'include/db.inc';
 
   // user already exists //
@@ -18,7 +25,7 @@ if(isset($_POST['submit']) && $_POST['firstname']!="" && $_POST['lastname']!=""
     print "<table bgcolor=\"red\">";
       print "<tr><th><b><font color=\"white\">user already registered</font></b></th><tr>";
     print "</table>";
-    break;
+    exit;
   }
 
   $db->query("INSERT INTO students (mnumber,firstname,lastname,email,password) 
@@ -39,7 +46,7 @@ if(isset($_POST['submit']) && $_POST['firstname']!="" && $_POST['lastname']!=""
     'X-Mailer: PHP/' . phpversion();
   mail($email, "Banana Registration: " . $PREFS['exname'] . " (" . $PREFS['groupname'] . ")", $nachricht, $header);
 
-  break;
+  exit;
 }
 ?>