diff --git a/lib/db/json.js b/lib/db/json.js
index dcbb213ec27e684a11e205bb0b875900bbcc102f..ceaadffa71a6fa21a3f94f13f2b9def939f9f2e3 100644
--- a/lib/db/json.js
+++ b/lib/db/json.js
@@ -171,35 +171,35 @@ function addEmailToAccount(existing_email, email, cb) {
 }
 
 exports.stageUser = function(email, cb) {
-  var secret = secrets.generate(48);
-
-  // overwrite previously staged users
-  sync();
-  db.staged[secret] = {
-    type: "add_account",
-    email: email,
-    when: (new Date()).getTime()
-  };
-  db.stagedEmails[email] = secret;
-  flush();
-  setTimeout(function() { cb(secret); }, 0);
+  secrets.generate(48, function(secret) {
+    // overwrite previously staged users
+    sync();
+    db.staged[secret] = {
+      type: "add_account",
+      email: email,
+      when: (new Date()).getTime()
+    };
+    db.stagedEmails[email] = secret;
+    flush();
+    setTimeout(function() { cb(secret); }, 0);
+  });
 };
 
 exports.stageEmail = function(existing_email, new_email, cb) {
-  var secret = secrets.generate(48);
-
-  // overwrite previously staged users
-  sync();
-  db.staged[secret] = {
-    type: "add_email",
-    existing_email: existing_email,
-    email: new_email,
-    when: (new Date()).getTime()
-  };
-  db.stagedEmails[new_email] = secret;
-  flush();
-
-  setTimeout(function() { cb(secret); }, 0);
+  secrets.generate(48, function(secret) {
+    // overwrite previously staged users
+    sync();
+    db.staged[secret] = {
+      type: "add_email",
+      existing_email: existing_email,
+      email: new_email,
+      when: (new Date()).getTime()
+    };
+    db.stagedEmails[new_email] = secret;
+    flush();
+    
+    setTimeout(function() { cb(secret); }, 0);
+  });
 };
 
 
diff --git a/lib/db/mysql.js b/lib/db/mysql.js
index ef4c826d36bd903fecbe71d234791732b55d0cd5..3bbe13b039b491b97e6efc28f67fdb7a93b69d70 100644
--- a/lib/db/mysql.js
+++ b/lib/db/mysql.js
@@ -251,21 +251,22 @@ exports.lastStaged = function(email, cb) {
       else cb(new Date(rows[0].ts * 1000));
     }
   );
-}
+};
 
 exports.stageUser = function(email, cb) {
-  var secret = secrets.generate(48);
-  // overwrite previously staged users
-  client.query('INSERT INTO staged (secret, new_acct, email) VALUES(?,TRUE,?) ' +
-               'ON DUPLICATE KEY UPDATE secret=?, existing="", new_acct=TRUE, ts=NOW()',
-               [ secret, email, secret],
-               function(err) {
-                 if (err) {
-                   logUnexpectedError(err);
-                   cb(undefined, err);
-                 } else cb(secret);
-               });
-}
+  secrets.generate(48, function(secret) {
+    // overwrite previously staged users
+    client.query('INSERT INTO staged (secret, new_acct, email) VALUES(?,TRUE,?) ' +
+                 'ON DUPLICATE KEY UPDATE secret=?, existing="", new_acct=TRUE, ts=NOW()',
+                 [ secret, email, secret],
+                 function(err) {
+                   if (err) {
+                     logUnexpectedError(err);
+                     cb(undefined, err);
+                   } else cb(secret);
+                 });
+  });
+};
 
 exports.emailForVerificationSecret = function(secret, cb) {
   client.query(
@@ -361,19 +362,20 @@ exports.emailsBelongToSameAccount = function(lhs, rhs, cb) {
 }
 
 exports.stageEmail = function(existing_email, new_email, cb) {
-  var secret = secrets.generate(48);
-  // overwrite previously staged users
-  client.query('INSERT INTO staged (secret, new_acct, existing, email) VALUES(?,FALSE,?,?) ' +
-               'ON DUPLICATE KEY UPDATE secret=?, existing=?, new_acct=FALSE, ts=NOW()',
-               [ secret, existing_email, new_email, secret, existing_email],
-               function(err) {
-                 if (err) {
-                   logUnexpectedError(err);
-                   cb(undefined, err);
-                 }
-                 else cb(secret);
-               });
-}
+  secrets.generate(48, function(secret) {
+    // overwrite previously staged users
+    client.query('INSERT INTO staged (secret, new_acct, existing, email) VALUES(?,FALSE,?,?) ' +
+                 'ON DUPLICATE KEY UPDATE secret=?, existing=?, new_acct=FALSE, ts=NOW()',
+                 [ secret, existing_email, new_email, secret, existing_email],
+                 function(err) {
+                   if (err) {
+                     logUnexpectedError(err);
+                     cb(undefined, err);
+                   }
+                   else cb(secret);
+                 });
+  });
+};
 
 exports.checkAuth = function(email, cb) {
   client.query(