fix: 🐛 Fix the infinite credits exploit in development.
This commit is contained in:
parent
22413c3b30
commit
ee5b99ce71
|
@ -7,7 +7,6 @@ use App\Settings\UserSettings;
|
|||
class Verified
|
||||
{
|
||||
private $server_limit_after_verify_email;
|
||||
|
||||
private $credits_reward_after_verify_email;
|
||||
|
||||
/**
|
||||
|
@ -29,9 +28,10 @@ class Verified
|
|||
*/
|
||||
public function handle($event)
|
||||
{
|
||||
if (! $event->user->email_verified_reward) {
|
||||
if (!$event->user->email_verified_reward) {
|
||||
$event->user->increment('server_limit', $this->server_limit_after_verify_email);
|
||||
$event->user->increment('credits', $this->credits_reward_after_verify_email);
|
||||
$event->user->update(['email_verified_reward' => true]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -290,8 +290,7 @@ class User extends Authenticatable implements MustVerifyEmail
|
|||
public function reVerifyEmail()
|
||||
{
|
||||
$this->forceFill([
|
||||
'email_verified_at' => null,
|
||||
'email_verified_reward' => true
|
||||
'email_verified_at' => null
|
||||
])->save();
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue