remove verification request if max tries are reached

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>

1 files changed, 27 insertions, 1 deletions

diff --git a/server/lib/UserManager.php b/server/lib/UserManager.php
index 6953ec8..0dfcd9c 100644
--- a/server/lib/UserManager.php
+++ b/server/lib/UserManager.php
@@ -25,6 +25,9 @@ class UserManager {
 	/** @var SignatureHandler */
 	private $signatureHandler;
 
+	/** @var int try max. 10 times to verify a account */
+	private $maxVerifyTries = 10;
+
 	/**
 	 * UserManager constructor.
 	 *
@@ -333,7 +336,6 @@ LIMIT 50');
 			$success = false;
 			switch ($verificationData['property']) {
 				case 'twitter':
-					//ToDo try to Verify Twitter account
 					$userData = $this->getForUserId($verificationData['userId']);
 					$success = $this->twitterValidator->verify($verificationData, $userData);
 					break;
@@ -345,11 +347,35 @@ LIMIT 50');
 			if ($success) {
 				$this->updateVerificationStatus($verificationData['storeId']);
 				$this->removeOpenVerificationRequest($verificationData['id']);
+			} else {
+				$this->incMaxTries($verificationData);
 			}
 		}
 	}
 
 	/**
+	 * increase number of max tries to verify account data
+	 *
+	 * @param $verificationData
+	 */
+	private function incMaxTries($verificationData) {
+		$tries = (int)$verificationData['tries'];
+		$tries++;
+
+		// max number of tries reached, remove verification request and return
+		if ($tries > $this->maxVerifyTries) {
+			$this->removeOpenVerificationRequest($verificationData['id']);
+			return;
+		}
+
+		$stmt = $this->db->prepare('UPDATE toVerify SET tries = :tries WHERE id = :id');
+		$stmt->bindParam('id', $verificationData['id']);
+		$stmt->bindParam('tries', $tries);
+		$stmt->execute();
+		$stmt->closeCursor();
+	}
+
+	/**
 	 * if data could be verified successfully we update the information in the store table
 	 *
 	 * @param $storeId