diff --git a/inc/header.php b/inc/header.php
index ef3deb8..b5d9de5 100644
--- a/inc/header.php
+++ b/inc/header.php
@@ -21,6 +21,8 @@
?>
| via CJDNS
diff --git a/purchase.php b/purchase.php
index 7da3b43..b0efd0b 100644
--- a/purchase.php
+++ b/purchase.php
@@ -1,6 +1,5 @@
Purchase a month of service. If you are a new user, enter a username, password, and email to register with. If you are an existing user, enter your login username and password, check the renewal box, and enter a valid email address.
You have selected the renew option, but the username you gave does not exist.";
- } else if ($_GET['err'] == "usernameinvalid") {
- echo "That username is not available. Please choose another.
";
- } else if ($_GET['err'] == "renewpasswrong") {
- echo "The password is incorrect.
";
- } else if ($_GET['err'] == "bademail") {
- echo "The email address is not in a valid format. Try again.
";
- } else if ($_GET['err'] == "shortpassword") {
- echo "Your password is too short. It needs to be at least 8 characters long.
";
- } else if ($_GET['err'] == "commonpassword") {
- echo "Your chosen password is in a public list of 1,000,000 common passwords, and is therefore insecure. Choose a better one. ";
+ $err = "";
+ switch ($_GET['err']) {
+ case "renewinvaliduser":
+ $err = "You have selected the renew option, but the username you gave does not exist.";
+ break;
+ case "usernameinvalid":
+ $err = "That username is not available. Please choose another.";
+ break;
+ case "renewpasswrong":
+ $err = "The password is incorrect.";
+ break;
+ case "bademail":
+ $err = "The email address is not in a valid format. Try again.";
+ break;
+ case "shortpassword":
+ $err = "Your password is too short. It needs to be at least 8 characters long.";
+ break;
+ case "commonpassword":
+ $err = "Your chosen password is in a public list of 1,000,000 common passwords, and is therefore insecure. Choose a better one.";
+ break;
+ case "acceptterms":
+ $err = "You need to accept the terms of service.";
+ break;
+ case "":
+ $err = "";
+ break;
+ default:
+ $err = "An unknown error occurred. Try again, and if the issue persists, open a support ticket.";
+ break;
+ }
+ if ($err !== "") {
+ echo "$err
";
}
?>
diff --git a/purchase2.php b/purchase2.php
index 74bad9d..a7bccbe 100644
--- a/purchase2.php
+++ b/purchase2.php
@@ -19,6 +19,11 @@ if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
die("Invalid email address.");
}
+if ($_POST['agree_tos'] !== '1') {
+ header("Location: purchase.php?plan=" . $plan . "&err=acceptterms");
+ die("You need to accept the terms of service first.");
+}
+
$renewing = (isset($_POST["renewing"]) && $_POST["renewing"] == "1");
if ($renewing && !$userexists) {
header("Location: purchase.php?plan=" . $plan . "&err=renewinvaliduser");