SimpleMachines / SMF2.1

Sources/Register.php

Braces +171 added lines, -124 removed lines

@@ -15,8 +15,9 @@ 
  * @version 2.1 Beta 4
  */
 
-if (!defined('SMF'))
+if (!defined('SMF')) {
 	die('No direct access...');
+}
 
 /**
  * Begin the registration process.
@@ -29,19 +30,23 @@ 
 	global $language, $scripturl, $smcFunc, $sourcedir, $cur_profile;
 
 	// Is this an incoming AJAX check?
-	if (isset($_GET['sa']) && $_GET['sa'] == 'usernamecheck')
-		return RegisterCheckUsername();
+	if (isset($_GET['sa']) && $_GET['sa'] == 'usernamecheck') {
+			return RegisterCheckUsername();
+	}
 
 	// Check if the administrator has it disabled.
-	if (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == '3')
-		fatal_lang_error('registration_disabled', false);
+	if (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == '3') {
+			fatal_lang_error('registration_disabled', false);
+	}
 
 	// If this user is an admin - redirect them to the admin registration page.
-	if (allowedTo('moderate_forum') && !$user_info['is_guest'])
-		redirectexit('action=admin;area=regcenter;sa=register');
+	if (allowedTo('moderate_forum') && !$user_info['is_guest']) {
+			redirectexit('action=admin;area=regcenter;sa=register');
+	}
 	// You are not a guest, so you are a member - and members don't get to register twice!
-	elseif (empty($user_info['is_guest']))
-		redirectexit();
+	elseif (empty($user_info['is_guest'])) {
+			redirectexit();
+	}
 
 	loadLanguage('Login');
 	loadTemplate('Register');
@@ -82,16 +87,18 @@ 
 		}
 	}
 	// Make sure they don't squeeze through without agreeing.
-	elseif ($current_step > 1 && $context['require_agreement'] && !$context['registration_passed_agreement'])
-		$current_step = 1;
+	elseif ($current_step > 1 && $context['require_agreement'] && !$context['registration_passed_agreement']) {
+			$current_step = 1;
+	}
 
 	// Show the user the right form.
 	$context['sub_template'] = $current_step == 1 ? 'registration_agreement' : 'registration_form';
 	$context['page_title'] = $current_step == 1 ? $txt['registration_agreement'] : $txt['registration_form'];
 
 	// Kinda need this.
-	if ($context['sub_template'] == 'registration_form')
-		loadJavaScriptFile('register.js', array('defer' => false), 'smf_register');
+	if ($context['sub_template'] == 'registration_form') {
+			loadJavaScriptFile('register.js', array('defer' => false), 'smf_register');
+	}
 
 	// Add the register chain to the link tree.
 	$context['linktree'][] = array(
@@ -100,24 +107,26 @@ 
 	);
 
 	// Prepare the time gate! Do it like so, in case later steps want to reset the limit for any reason, but make sure the time is the current one.
-	if (!isset($_SESSION['register']))
-		$_SESSION['register'] = array(
+	if (!isset($_SESSION['register'])) {
+			$_SESSION['register'] = array(
 			'timenow' => time(),
 			'limit' => 10, // minimum number of seconds required on this page for registration
 		);
-	else
-		$_SESSION['register']['timenow'] = time();
+	} else {
+			$_SESSION['register']['timenow'] = time();
+	}
 
 	// If you have to agree to the agreement, it needs to be fetched from the file.
 	if ($context['require_agreement'])
 	{
 		// Have we got a localized one?
-		if (file_exists($boarddir . '/agreement.' . $user_info['language'] . '.txt'))
-			$context['agreement'] = parse_bbc(file_get_contents($boarddir . '/agreement.' . $user_info['language'] . '.txt'), true, 'agreement_' . $user_info['language']);
-		elseif (file_exists($boarddir . '/agreement.txt'))
-			$context['agreement'] = parse_bbc(file_get_contents($boarddir . '/agreement.txt'), true, 'agreement');
-		else
-			$context['agreement'] = '';
+		if (file_exists($boarddir . '/agreement.' . $user_info['language'] . '.txt')) {
+					$context['agreement'] = parse_bbc(file_get_contents($boarddir . '/agreement.' . $user_info['language'] . '.txt'), true, 'agreement_' . $user_info['language']);
+		} elseif (file_exists($boarddir . '/agreement.txt')) {
+					$context['agreement'] = parse_bbc(file_get_contents($boarddir . '/agreement.txt'), true, 'agreement');
+		} else {
+					$context['agreement'] = '';
+		}
 
 		// Nothing to show, lets disable registration and inform the admin of this error
 		if (empty($context['agreement']))
@@ -133,8 +142,9 @@ 
 		$selectedLanguage = empty($_SESSION['language']) ? $language : $_SESSION['language'];
 
 		// Do we have any languages?
-		if (empty($context['languages']))
-			getLanguages();
+		if (empty($context['languages'])) {
+					getLanguages();
+		}
 
 		// Try to find our selected language.
 		foreach ($context['languages'] as $key => $lang)
@@ -142,8 +152,9 @@ 
 			$context['languages'][$key]['name'] = strtr($lang['name'], array('-utf8' => ''));
 
 			// Found it!
-			if ($selectedLanguage == $lang['filename'])
-				$context['languages'][$key]['selected'] = true;
+			if ($selectedLanguage == $lang['filename']) {
+							$context['languages'][$key]['selected'] = true;
+			}
 		}
 	}
 
@@ -167,9 +178,10 @@ 
 		$reg_fields = explode(',', $modSettings['registration_fields']);
 
 		// We might have had some submissions on this front - go check.
-		foreach ($reg_fields as $field)
-			if (isset($_POST[$field]))
+		foreach ($reg_fields as $field) {
+					if (isset($_POST[$field]))
 				$cur_profile[$field] = $smcFunc['htmlspecialchars']($_POST[$field]);
+		}
 
 		// Load all the fields in question.
 		setupProfileContext($reg_fields);
@@ -186,8 +198,9 @@ 
 		$context['visual_verification_id'] = $verificationOptions['id'];
 	}
 	// Otherwise we have nothing to show.
-	else
-		$context['visual_verification'] = false;
+	else {
+			$context['visual_verification'] = false;
+	}
 
 
 	$context += array(
@@ -198,8 +211,9 @@ 
 
 	// Were there any errors?
 	$context['registration_errors'] = array();
-	if (!empty($reg_errors))
-		$context['registration_errors'] = $reg_errors;
+	if (!empty($reg_errors)) {
+			$context['registration_errors'] = $reg_errors;
+	}
 
 	createToken('register');
 }
@@ -216,27 +230,32 @@ 
 	validateToken('register');
 
 	// Check to ensure we're forcing SSL for authentication
-	if (!empty($modSettings['force_ssl']) && empty($maintenance) && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on'))
-		fatal_lang_error('register_ssl_required');
+	if (!empty($modSettings['force_ssl']) && empty($maintenance) && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on')) {
+			fatal_lang_error('register_ssl_required');
+	}
 
 	// Start collecting together any errors.
 	$reg_errors = array();
 
 	// You can't register if it's disabled.
-	if (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 3)
-		fatal_lang_error('registration_disabled', false);
+	if (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 3) {
+			fatal_lang_error('registration_disabled', false);
+	}
 
 	// Well, if you don't agree, you can't register.
-	if (!empty($modSettings['requireAgreement']) && empty($_SESSION['registration_agreed']))
-		redirectexit();
+	if (!empty($modSettings['requireAgreement']) && empty($_SESSION['registration_agreed'])) {
+			redirectexit();
+	}
 
 	// Make sure they came from *somewhere*, have a session.
-	if (!isset($_SESSION['old_url']))
-		redirectexit('action=signup');
+	if (!isset($_SESSION['old_url'])) {
+			redirectexit('action=signup');
+	}
 
 	// If we don't require an agreement, we need a extra check for coppa.
-	if (empty($modSettings['requireAgreement']) && !empty($modSettings['coppaAge']))
-		$_SESSION['skip_coppa'] = !empty($_POST['accept_agreement']);
+	if (empty($modSettings['requireAgreement']) && !empty($modSettings['coppaAge'])) {
+			$_SESSION['skip_coppa'] = !empty($_POST['accept_agreement']);
+	}
 	// Are they under age, and under age users are banned?
 	if (!empty($modSettings['coppaAge']) && empty($modSettings['coppaType']) && empty($_SESSION['skip_coppa']))
 	{
@@ -245,8 +264,9 @@ 
 	}
 
 	// Check the time gate for miscreants. First make sure they came from somewhere that actually set it up.
-	if (empty($_SESSION['register']['timenow']) || empty($_SESSION['register']['limit']))
-		redirectexit('action=signup');
+	if (empty($_SESSION['register']['timenow']) || empty($_SESSION['register']['limit'])) {
+			redirectexit('action=signup');
+	}
 	// Failing that, check the time on it.
 	if (time() - $_SESSION['register']['timenow'] < $_SESSION['register']['limit'])
 	{
@@ -266,15 +286,17 @@ 
 		if (is_array($context['visual_verification']))
 		{
 			loadLanguage('Errors');
-			foreach ($context['visual_verification'] as $error)
-				$reg_errors[] = $txt['error_' . $error];
+			foreach ($context['visual_verification'] as $error) {
+							$reg_errors[] = $txt['error_' . $error];
+			}
 		}
 	}
 
 	foreach ($_POST as $key => $value)
 	{
-		if (!is_array($_POST[$key]))
-			$_POST[$key] = htmltrim__recursive(str_replace(array("\n", "\r"), '', $_POST[$key]));
+		if (!is_array($_POST[$key])) {
+					$_POST[$key] = htmltrim__recursive(str_replace(array("\n", "\r"), '', $_POST[$key]));
+		}
 	}
 
 	// Collect all extra registration fields someone might have filled in.
@@ -304,12 +326,14 @@ 
 		$reg_fields = explode(',', $modSettings['registration_fields']);
 
 		// Website is a little different
-		if (in_array('website', $reg_fields))
-			$possible_strings += array('website_url', 'website_title');
+		if (in_array('website', $reg_fields)) {
+					$possible_strings += array('website_url', 'website_title');
+		}
 	}
 
-	if (isset($_POST['secret_answer']) && $_POST['secret_answer'] != '')
-		$_POST['secret_answer'] = md5($_POST['secret_answer']);
+	if (isset($_POST['secret_answer']) && $_POST['secret_answer'] != '') {
+			$_POST['secret_answer'] = md5($_POST['secret_answer']);
+	}
 
 	// Needed for isReservedName() and registerMember().
 	require_once($sourcedir . '/Subs-Members.php');
@@ -318,8 +342,9 @@ 
 	if (isset($_POST['real_name']))
 	{
 		// Are you already allowed to edit the displayed name?
-		if (allowedTo('profile_displayed_name') || allowedTo('moderate_forum'))
-			$canEditDisplayName = true;
+		if (allowedTo('profile_displayed_name') || allowedTo('moderate_forum')) {
+					$canEditDisplayName = true;
+		}
 
 		// If you are a guest, will you be allowed to once you register?
 		else
@@ -343,33 +368,38 @@ 
 			$_POST['real_name'] = trim(preg_replace('~[\t\n\r \x0B\0' . ($context['utf8'] ? '\x{A0}\x{AD}\x{2000}-\x{200F}\x{201F}\x{202F}\x{3000}\x{FEFF}' : '\x00-\x08\x0B\x0C\x0E-\x19\xA0') . ']+~' . ($context['utf8'] ? 'u' : ''), ' ', $_POST['real_name']));
 
 			// Only set it if we are sure it is good
-			if (trim($_POST['real_name']) != '' && !isReservedName($_POST['real_name']) && $smcFunc['strlen']($_POST['real_name']) < 60)
-				$possible_strings[] = 'real_name';
+			if (trim($_POST['real_name']) != '' && !isReservedName($_POST['real_name']) && $smcFunc['strlen']($_POST['real_name']) < 60) {
+							$possible_strings[] = 'real_name';
+			}
 		}
 	}
 
 	// Handle a string as a birthdate...
-	if (isset($_POST['birthdate']) && $_POST['birthdate'] != '')
-		$_POST['birthdate'] = strftime('%Y-%m-%d', strtotime($_POST['birthdate']));
+	if (isset($_POST['birthdate']) && $_POST['birthdate'] != '') {
+			$_POST['birthdate'] = strftime('%Y-%m-%d', strtotime($_POST['birthdate']));
+	}
 	// Or birthdate parts...
-	elseif (!empty($_POST['bday1']) && !empty($_POST['bday2']))
-		$_POST['birthdate'] = sprintf('%04d-%02d-%02d', empty($_POST['bday3']) ? 0 : (int) $_POST['bday3'], (int) $_POST['bday1'], (int) $_POST['bday2']);
+	elseif (!empty($_POST['bday1']) && !empty($_POST['bday2'])) {
+			$_POST['birthdate'] = sprintf('%04d-%02d-%02d', empty($_POST['bday3']) ? 0 : (int) $_POST['bday3'], (int) $_POST['bday1'], (int) $_POST['bday2']);
+	}
 
 	// Validate the passed language file.
 	if (isset($_POST['lngfile']) && !empty($modSettings['userLanguage']))
 	{
 		// Do we have any languages?
-		if (empty($context['languages']))
-			getLanguages();
+		if (empty($context['languages'])) {
+					getLanguages();
+		}
 
 		// Did we find it?
-		if (isset($context['languages'][$_POST['lngfile']]))
-			$_SESSION['language'] = $_POST['lngfile'];
-		else
+		if (isset($context['languages'][$_POST['lngfile']])) {
+					$_SESSION['language'] = $_POST['lngfile'];
+		} else {
+					unset($_POST['lngfile']);
+		}
+	} else {
 			unset($_POST['lngfile']);
 	}
-	else
-		unset($_POST['lngfile']);
 
 	// Set the options needed for registration.
 	$regOptions = array(
@@ -389,22 +419,27 @@ 
 	);
 
 	// Include the additional options that might have been filled in.
-	foreach ($possible_strings as $var)
-		if (isset($_POST[$var]))
+	foreach ($possible_strings as $var) {
+			if (isset($_POST[$var]))
 			$regOptions['extra_register_vars'][$var] = $smcFunc['htmlspecialchars']($_POST[$var], ENT_QUOTES);
-	foreach ($possible_ints as $var)
-		if (isset($_POST[$var]))
+	}
+	foreach ($possible_ints as $var) {
+			if (isset($_POST[$var]))
 			$regOptions['extra_register_vars'][$var] = (int) $_POST[$var];
-	foreach ($possible_floats as $var)
-		if (isset($_POST[$var]))
+	}
+	foreach ($possible_floats as $var) {
+			if (isset($_POST[$var]))
 			$regOptions['extra_register_vars'][$var] = (float) $_POST[$var];
-	foreach ($possible_bools as $var)
-		if (isset($_POST[$var]))
+	}
+	foreach ($possible_bools as $var) {
+			if (isset($_POST[$var]))
 			$regOptions['extra_register_vars'][$var] = empty($_POST[$var]) ? 0 : 1;
+	}
 
 	// Registration options are always default options...
-	if (isset($_POST['default_options']))
-		$_POST['options'] = isset($_POST['options']) ? $_POST['options'] + $_POST['default_options'] : $_POST['default_options'];
+	if (isset($_POST['default_options'])) {
+			$_POST['options'] = isset($_POST['options']) ? $_POST['options'] + $_POST['default_options'] : $_POST['default_options'];
+	}
 	$regOptions['theme_vars'] = isset($_POST['options']) && is_array($_POST['options']) ? $_POST['options'] : array();
 
 	// Make sure they are clean, dammit!
@@ -424,12 +459,14 @@ 
 	while ($row = $smcFunc['db_fetch_assoc']($request))
 	{
 		// Don't allow overriding of the theme variables.
-		if (isset($regOptions['theme_vars'][$row['col_name']]))
-			unset($regOptions['theme_vars'][$row['col_name']]);
+		if (isset($regOptions['theme_vars'][$row['col_name']])) {
+					unset($regOptions['theme_vars'][$row['col_name']]);
+		}
 
 		// Not actually showing it then?
-		if (!$row['show_reg'])
-			continue;
+		if (!$row['show_reg']) {
+					continue;
+		}
 
 		// Prepare the value!
 		$value = isset($_POST['customfield'][$row['col_name']]) ? trim($_POST['customfield'][$row['col_name']]) : '';
@@ -438,24 +475,27 @@ 
 		if (!in_array($row['field_type'], array('check', 'select', 'radio')))
 		{
 			// Is it too long?
-			if ($row['field_length'] && $row['field_length'] < $smcFunc['strlen']($value))
-				$custom_field_errors[] = array('custom_field_too_long', array($row['field_name'], $row['field_length']));
+			if ($row['field_length'] && $row['field_length'] < $smcFunc['strlen']($value)) {
+							$custom_field_errors[] = array('custom_field_too_long', array($row['field_name'], $row['field_length']));
+			}
 
 			// Any masks to apply?
 			if ($row['field_type'] == 'text' && !empty($row['mask']) && $row['mask'] != 'none')
 			{
-				if ($row['mask'] == 'email' && (!filter_var($value, FILTER_VALIDATE_EMAIL) || strlen($value) > 255))
-					$custom_field_errors[] = array('custom_field_invalid_email', array($row['field_name']));
-				elseif ($row['mask'] == 'number' && preg_match('~[^\d]~', $value))
-					$custom_field_errors[] = array('custom_field_not_number', array($row['field_name']));
-				elseif (substr($row['mask'], 0, 5) == 'regex' && trim($value) != '' && preg_match(substr($row['mask'], 5), $value) === 0)
-					$custom_field_errors[] = array('custom_field_inproper_format', array($row['field_name']));
+				if ($row['mask'] == 'email' && (!filter_var($value, FILTER_VALIDATE_EMAIL) || strlen($value) > 255)) {
+									$custom_field_errors[] = array('custom_field_invalid_email', array($row['field_name']));
+				} elseif ($row['mask'] == 'number' && preg_match('~[^\d]~', $value)) {
+									$custom_field_errors[] = array('custom_field_not_number', array($row['field_name']));
+				} elseif (substr($row['mask'], 0, 5) == 'regex' && trim($value) != '' && preg_match(substr($row['mask'], 5), $value) === 0) {
+									$custom_field_errors[] = array('custom_field_inproper_format', array($row['field_name']));
+				}
 			}
 		}
 
 		// Is this required but not there?
-		if (trim($value) == '' && $row['show_reg'] > 1)
-			$custom_field_errors[] = array('custom_field_empty', array($row['field_name']));
+		if (trim($value) == '' && $row['show_reg'] > 1) {
+					$custom_field_errors[] = array('custom_field_empty', array($row['field_name']));
+		}
 	}
 	$smcFunc['db_free_result']($request);
 
@@ -463,8 +503,9 @@ 
 	if (!empty($custom_field_errors))
 	{
 		loadLanguage('Errors');
-		foreach ($custom_field_errors as $error)
-			$reg_errors[] = vsprintf($txt['error_' . $error[0]], $error[1]);
+		foreach ($custom_field_errors as $error) {
+					$reg_errors[] = vsprintf($txt['error_' . $error[0]], $error[1]);
+		}
 	}
 
 	// Lets check for other errors before trying to register the member.
@@ -509,8 +550,9 @@ 
 	}
 
 	// If COPPA has been selected then things get complicated, setup the template.
-	if (!empty($modSettings['coppaAge']) && empty($_SESSION['skip_coppa']))
-		redirectexit('action=coppa;member=' . $memberID);
+	if (!empty($modSettings['coppaAge']) && empty($_SESSION['skip_coppa'])) {
+			redirectexit('action=coppa;member=' . $memberID);
+	}
 	// Basic template variable setup.
 	elseif (!empty($modSettings['registration_method']))
 	{
@@ -522,8 +564,7 @@ 
 			'sub_template' => 'after',
 			'description' => $modSettings['registration_method'] == 2 ? $txt['approval_after_registration'] : $txt['activate_after_registration']
 		);
-	}
-	else
+	} else
 	{
 		call_integration_hook('integrate_activate', array($regOptions['username']));
 
@@ -543,16 +584,18 @@ 
 	global $context, $txt, $modSettings, $scripturl, $sourcedir, $smcFunc, $language, $user_info;
 
 	// Logged in users should not bother to activate their accounts
-	if (!empty($user_info['id']))
-		redirectexit();
+	if (!empty($user_info['id'])) {
+			redirectexit();
+	}
 
 	loadLanguage('Login');
 	loadTemplate('Login');
 
 	if (empty($_REQUEST['u']) && empty($_POST['user']))
 	{
-		if (empty($modSettings['registration_method']) || $modSettings['registration_method'] == '3')
-			fatal_lang_error('no_access', false);
+		if (empty($modSettings['registration_method']) || $modSettings['registration_method'] == '3') {
+					fatal_lang_error('no_access', false);
+		}
 
 		$context['member_id'] = 0;
 		$context['sub_template'] = 'resend';
@@ -592,11 +635,13 @@ 
 	// Change their email address? (they probably tried a fake one first :P.)
 	if (isset($_POST['new_email'], $_REQUEST['passwd']) && hash_password($row['member_name'], $_REQUEST['passwd']) == $row['passwd'] && ($row['is_activated'] == 0 || $row['is_activated'] == 2))
 	{
-		if (empty($modSettings['registration_method']) || $modSettings['registration_method'] == 3)
-			fatal_lang_error('no_access', false);
+		if (empty($modSettings['registration_method']) || $modSettings['registration_method'] == 3) {
+					fatal_lang_error('no_access', false);
+		}
 
-		if (!filter_var($_POST['new_email'], FILTER_VALIDATE_EMAIL))
-			fatal_error(sprintf($txt['valid_email_needed'], $smcFunc['htmlspecialchars']($_POST['new_email'])), false);
+		if (!filter_var($_POST['new_email'], FILTER_VALIDATE_EMAIL)) {
+					fatal_error(sprintf($txt['valid_email_needed'], $smcFunc['htmlspecialchars']($_POST['new_email'])), false);
+		}
 
 		// Make sure their email isn't banned.
 		isBannedEmail($_POST['new_email'], 'cannot_register', $txt['ban_register_prohibited']);
@@ -612,8 +657,9 @@ 
 			)
 		);
 
-		if ($smcFunc['db_num_rows']($request) != 0)
-			fatal_lang_error('email_in_use', false, array($smcFunc['htmlspecialchars']($_POST['new_email'])));
+		if ($smcFunc['db_num_rows']($request) != 0) {
+					fatal_lang_error('email_in_use', false, array($smcFunc['htmlspecialchars']($_POST['new_email'])));
+		}
 		$smcFunc['db_free_result']($request);
 
 		updateMemberData($row['id_member'], array('email_address' => $_POST['new_email']));
@@ -651,9 +697,9 @@ 
 	// Quit if this code is not right.
 	if (empty($_REQUEST['code']) || $row['validation_code'] != $_REQUEST['code'])
 	{
-		if (!empty($row['is_activated']))
-			fatal_lang_error('already_activated', false);
-		elseif ($row['validation_code'] == '')
+		if (!empty($row['is_activated'])) {
+					fatal_lang_error('already_activated', false);
+		} elseif ($row['validation_code'] == '')
 		{
 			loadLanguage('Profile');
 			fatal_error(sprintf($txt['registration_not_approved'], $scripturl . '?action=activate;user=' . $row['member_name']), false);
@@ -703,8 +749,9 @@ 
 	loadTemplate('Register');
 
 	// No User ID??
-	if (!isset($_GET['member']))
-		fatal_lang_error('no_access', false);
+	if (!isset($_GET['member'])) {
+			fatal_lang_error('no_access', false);
+	}
 
 	// Get the user details...
 	$request = $smcFunc['db_query']('', '
@@ -717,8 +764,9 @@ 
 			'is_coppa' => 5,
 		)
 	);
-	if ($smcFunc['db_num_rows']($request) == 0)
-		fatal_lang_error('no_access', false);
+	if ($smcFunc['db_num_rows']($request) == 0) {
+			fatal_lang_error('no_access', false);
+	}
 	list ($username) = $smcFunc['db_fetch_row']($request);
 	$smcFunc['db_free_result']($request);
 
@@ -756,8 +804,7 @@ 
 			echo $data;
 			obExit(false);
 		}
-	}
-	else
+	} else
 	{
 		$context += array(
 			'page_title' => $txt['coppa_title'],
@@ -810,8 +857,9 @@ 
 	{
 		require_once($sourcedir . '/Subs-Graphics.php');
 
-		if (in_array('gd', get_loaded_extensions()) && !showCodeImage($code))
-			header('HTTP/1.1 400 Bad Request');
+		if (in_array('gd', get_loaded_extensions()) && !showCodeImage($code)) {
+					header('HTTP/1.1 400 Bad Request');
+		}
 
 		// Otherwise just show a pre-defined letter.
 		elseif (isset($_REQUEST['letter']))
@@ -829,14 +877,13 @@ 
 			header('Content-Type: image/gif');
 			die("\x47\x49\x46\x38\x39\x61\x01\x00\x01\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x21\xF9\x04\x01\x00\x00\x00\x00\x2C\x00\x00\x00\x00\x01\x00\x01\x00\x00\x02\x02\x44\x01\x00\x3B");
 		}
-	}
-
-	elseif ($_REQUEST['format'] === '.wav')
+	} elseif ($_REQUEST['format'] === '.wav')
 	{
 		require_once($sourcedir . '/Subs-Sound.php');
 
-		if (!createWaveFile($code))
-			header('HTTP/1.1 400 Bad Request');
+		if (!createWaveFile($code)) {
+					header('HTTP/1.1 400 Bad Request');
+		}
 	}
 
 	// We all die one day...