diff --git a/database.php b/database.php
index 2078aa8..3181328 100644
--- a/database.php
+++ b/database.php
@@ -172,8 +172,8 @@ class mxDatabase
 * as members
 */
 function getUserForApproval($admin_token) {
- $sql = "SELECT COUNT(*) FROM registrations WHERE admin_token = '" . $admin_token
- . "' AND state = " . RegisterState::PendingAdminVerify . " LIMIT 1;";
+ $sql = "SELECT COUNT(*) FROM registrations WHERE admin_token = '" . $admin_token . "'"
+ . " AND state = " . RegisterState::PendingAdminVerify . " LIMIT 1;";
 $res = $db->query($sql);
 $first_name = NULL; $last_name = NULL; $username = NULL; $note = NULL; $email = NULL;
@@ -197,14 +197,15 @@ class mxDatabase
 * as members
 */
 function getUserForVerify($verify_token) {
- $sql = "SELECT COUNT(*) FROM registrations WHERE verify_token = '" . $verify_token
- . "' AND state = " . RegisterState::PendingAdminVerify . " LIMIT 1;";
+ $sql = "SELECT COUNT(*) FROM registrations WHERE verify_token = '" . $verify_token . "'"
+ . " AND state = " . RegisterState::PendingEmailVerify . " LIMIT 1;";
 $res = $db->query($sql);
 $first_name = NULL; $last_name = NULL; $username = NULL; $note = NULL; $email = NULL;
 if ($res->fetchColumn() > 0) {
 $sql = "SELECT first_name, last_name, note, email, admin_token FROM registrations "
- . " WHERE verify_token = '" . $token . "' LIMIT 1;";
+ . " WHERE verify_token = '" . $token . "'"
+ . " AND state = " . RegisterState::PendingEmailVerify . " LIMIT 1;";
 foreach ($db->query($sql) as $row) {
 // will only be executed once
 return $row;
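Review bot: The rewritten `$sql` in getUserForApproval still concatenates `$admin_token` straight into the statement, so a token containing a quote changes the query; the commit only moves the closing `'` and leaves the SQL injection in place. Both queries in getUserForVerify (second hunk) have the same problem with `$verify_token` and `$token`. The `fetchColumn()` call in the second hunk suggests `$db` is a PDO handle, in which case the value should be bound: `$stmt = $db->prepare("SELECT COUNT(*) FROM registrations WHERE admin_token = ? AND state = ? LIMIT 1");` followed by `$stmt->execute([$admin_token, RegisterState::PendingAdminVerify]);`, reading the count from `$stmt`. The function body continues past the end of this hunk, and no assignment of `$db` is visible in it, so check how the handle reaches this method.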
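Review bot: The second query in getUserForVerify filters on `$token`, but the parameter is `$verify_token` and nothing in the visible lines assigns `$token`. The WHERE clause therefore compares against an empty string, not the token the COUNT query just matched. With the added `PendingEmailVerify` filter, this either returns nothing or returns some pending row whose `verify_token` happens to be empty. The line should read `. " WHERE verify_token = '" . $verify_token . "'"`, or better, bind the value with `prepare()`/`execute()`. The function's body ends outside this hunk.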