From b03cd25cd705d0e9d402854b11cf1e39f01ff536 Mon Sep 17 00:00:00 2001
From: Thies Mueller <git@td00.de>
Date: Sat, 9 Jan 2021 23:28:51 +0100
Subject: [PATCH] maybe thats howto escape the user

---
 activation.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/activation.php b/activation.php
index d310930..8ae5d78 100644
--- a/activation.php
+++ b/activation.php
@@ -40,8 +40,8 @@ if(isset($_GET['send']) ) {
  if($user === false) {
     $error = '<span class="badge badge-pill badge-warning"><b>no user found</b></span>';
  }
- if($user['username'] !== $_POST['username']){
-    $error = '<span class="badge badge-pill badge-warning"><b>no user found/invalid user</b></span>';
+ if($user['username'] == ""){
+    $error = '<span class="badge badge-pill badge-warning"><b>no user found</b></span>';
  }
  if($user['activated'] == "1"){
      $error = '<span class="badge badge-pill badge-warning"><b>user already activated!</b></span>';