# HG changeset patch
# User bsw
# Date 1282224973 -7200
# Node ID 3da86120cadde2cf5a8381521ba733b6f9b9f1bf
# Parent  8183cc841c00dca726d88d8e8a6f3e750b402f51
Security related fix of locking during registration process

diff -r 8183cc841c00 -r 3da86120cadd app/main/index/_action/register.lua
--- a/app/main/index/_action/register.lua	Thu Aug 05 11:56:44 2010 +0200
+++ b/app/main/index/_action/register.lua	Thu Aug 19 15:36:13 2010 +0200
@@ -1,4 +1,10 @@
-local invite_code = InviteCode:by_code(param.get("code"))
+local code = param.get("code")
+
+local invite_code = InviteCode:new_selector()
+  :add_where{ "code = ?", code }
+  :optional_object_mode()
+  :for_update()
+  :exec()
 
 if not invite_code or invite_code.used then
   slot.put_into("error", _"The code you've entered is invalid")