fix: 🐛 Fix the infinite credits exploit in development.
This commit is contained in:
parent
22413c3b30
commit
ee5b99ce71
|
@ -7,7 +7,6 @@ use App\Settings\UserSettings;
|
||||||
class Verified
|
class Verified
|
||||||
{
|
{
|
||||||
private $server_limit_after_verify_email;
|
private $server_limit_after_verify_email;
|
||||||
|
|
||||||
private $credits_reward_after_verify_email;
|
private $credits_reward_after_verify_email;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -29,9 +28,10 @@ class Verified
|
||||||
*/
|
*/
|
||||||
public function handle($event)
|
public function handle($event)
|
||||||
{
|
{
|
||||||
if (! $event->user->email_verified_reward) {
|
if (!$event->user->email_verified_reward) {
|
||||||
$event->user->increment('server_limit', $this->server_limit_after_verify_email);
|
$event->user->increment('server_limit', $this->server_limit_after_verify_email);
|
||||||
$event->user->increment('credits', $this->credits_reward_after_verify_email);
|
$event->user->increment('credits', $this->credits_reward_after_verify_email);
|
||||||
|
$event->user->update(['email_verified_reward' => true]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -290,8 +290,7 @@ class User extends Authenticatable implements MustVerifyEmail
|
||||||
public function reVerifyEmail()
|
public function reVerifyEmail()
|
||||||
{
|
{
|
||||||
$this->forceFill([
|
$this->forceFill([
|
||||||
'email_verified_at' => null,
|
'email_verified_at' => null
|
||||||
'email_verified_reward' => true
|
|
||||||
])->save();
|
])->save();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue