diff options
author | Simon Rettberg | 2021-01-22 10:34:42 +0100 |
---|---|---|
committer | Simon Rettberg | 2021-01-22 10:34:42 +0100 |
commit | 242b0e0a204db1dcf9ea453ec1a86618fc740ebf (patch) | |
tree | 61181b5254314909cba1a86fe1b998b0a14627d0 /modules/register.inc.php | |
parent | [adduser] Fix malformed static method call (diff) | |
download | bwlp-webadmin-242b0e0a204db1dcf9ea453ec1a86618fc740ebf.tar.gz bwlp-webadmin-242b0e0a204db1dcf9ea453ec1a86618fc740ebf.tar.xz bwlp-webadmin-242b0e0a204db1dcf9ea453ec1a86618fc740ebf.zip |
[deploy] Improve account merging
* Make matching of name and email case insensitive
* Add config option to allow/disallow merging with existing shib-account
Diffstat (limited to 'modules/register.inc.php')
-rw-r--r-- | modules/register.inc.php | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/modules/register.inc.php b/modules/register.inc.php index aa2b94c..f55e900 100644 --- a/modules/register.inc.php +++ b/modules/register.inc.php @@ -30,7 +30,7 @@ class Page_Register extends Page } if ($testLogin !== false) { // Check if one of firstname, lastname or email matches - $user = Database::queryFirst('SELECT firstname, lastname, email, organizationid FROM user WHERE userid = :login LIMIT 1', + $user = Database::queryFirst('SELECT firstname, lastname, email, password, organizationid FROM user WHERE userid = :login LIMIT 1', array('login' => $testLogin)); if ($user === false || User::getOrganizationId() !== $user['organizationid']) { // Invalid Login @@ -38,9 +38,13 @@ class Page_Register extends Page . ' Bitte wenden Sie sich an den {{1}}-Support, wenn dieser Test-Account Ihnen gehört.', $testLogin, CONFIG_SUITE); Util::redirect('?do=Main'); } - if (User::getLastName() !== $user['lastname'] - || User::getFirstName() !== $user['firstname'] - || User::getMail() !== $user['email']) { + if (empty($user['password']) && !CONFIG_ALLOW_SHIB_MERGE) { + Message::addError('Verknüpfung mit altem Shibboleth-basiertem Account nicht erlaubt'); + Util::redirect('?do=Main'); + } + if (strcasecmp(User::getLastName(), $user['lastname']) !== 0 + || strcasecmp(User::getFirstName(), $user['firstname']) !== 0 + || strcasecmp(User::getMail(), $user['email']) !== 0) { // No match by personal information Message::addError('Ihre Metadaten stimmen nicht mit dem Test-Account {{0}} überein. ' . ' Bitte wenden Sie sich an den {{1}}-Support, wenn dieser Test-Account Ihnen gehört.', $testLogin, CONFIG_SUITE); |