summaryrefslogtreecommitdiffstats
path: root/modules
diff options
context:
space:
mode:
Diffstat (limited to 'modules')
-rw-r--r--modules/main.inc.php21
-rw-r--r--modules/register.inc.php12
2 files changed, 21 insertions, 12 deletions
diff --git a/modules/main.inc.php b/modules/main.inc.php
index 6119814..95d72c1 100644
--- a/modules/main.inc.php
+++ b/modules/main.inc.php
@@ -35,6 +35,8 @@ class Page_Main extends Page
return;
}
if (!User::isTutor()) {
+ Message::addError('Sie sind kein Mitarbeiter der Einrichtung "' . User::getOrganization()
+ . '" und können daher die ' . CONFIG_SUITE . '-Suite nicht nutzen.');
return;
}
// User is not in DB, so he might want so sign up for the service - see if conditions are met
@@ -63,22 +65,25 @@ class Page_Main extends Page
$data = User::getData();
$data['organization'] = User::getOrganizationName();
// Show testacc merge form if organization has test accounts
- $res = Database::queryFirst('SELECT Count(*) as cnt FROM user WHERE organizationid = :oid AND Length(password) <> 0', array(
- 'oid' => User::getOrganizationId()
- ));
$mail = trim(User::getMail());
- if (!empty($mail)) {
+ $fn = User::getFirstName();
+ $ln = User::getLastName();
+ if (!empty($mail) && (!empty($fn) || !empty($ln))) {
+ $extra = '';
+ if (!CONFIG_ALLOW_SHIB_MERGE) {
+ $extra = ' AND password IS NOT NULL AND Length(password) <> 0 ';
+ }
$existing = Database::queryFirst('SELECT userid FROM user
- WHERE email = :email AND lastname = :ln AND firstname = :fn LIMIT 1', array(
+ WHERE email = :email AND lastname = :ln AND firstname = :fn AND organizationid = :org ' . $extra . ' LIMIT 1', array(
'email' => $mail,
- 'fn' => User::getFirstName(),
- 'ln' => User::getLastName(),
+ 'fn' => $fn,
+ 'ln' => $ln,
+ 'org' => User::getOrganizationId(),
));
if ($existing !== false) {
$data['testlogin'] = $existing['userid'];
}
}
- $data['testacc'] = ($res !== false && $res['cnt'] > 0) || !empty($existing);
$data['suite'] = CONFIG_SUITE;
$data['idm'] = CONFIG_IDM;
Render::addTemplate('main/deploy', $data);
diff --git a/modules/register.inc.php b/modules/register.inc.php
index aa2b94c..f55e900 100644
--- a/modules/register.inc.php
+++ b/modules/register.inc.php
@@ -30,7 +30,7 @@ class Page_Register extends Page
}
if ($testLogin !== false) {
// Check if one of firstname, lastname or email matches
- $user = Database::queryFirst('SELECT firstname, lastname, email, organizationid FROM user WHERE userid = :login LIMIT 1',
+ $user = Database::queryFirst('SELECT firstname, lastname, email, password, organizationid FROM user WHERE userid = :login LIMIT 1',
array('login' => $testLogin));
if ($user === false || User::getOrganizationId() !== $user['organizationid']) {
// Invalid Login
@@ -38,9 +38,13 @@ class Page_Register extends Page
. ' Bitte wenden Sie sich an den {{1}}-Support, wenn dieser Test-Account Ihnen gehört.', $testLogin, CONFIG_SUITE);
Util::redirect('?do=Main');
}
- if (User::getLastName() !== $user['lastname']
- || User::getFirstName() !== $user['firstname']
- || User::getMail() !== $user['email']) {
+ if (empty($user['password']) && !CONFIG_ALLOW_SHIB_MERGE) {
+ Message::addError('Verknüpfung mit altem Shibboleth-basiertem Account nicht erlaubt');
+ Util::redirect('?do=Main');
+ }
+ if (strcasecmp(User::getLastName(), $user['lastname']) !== 0
+ || strcasecmp(User::getFirstName(), $user['firstname']) !== 0
+ || strcasecmp(User::getMail(), $user['email']) !== 0) {
// No match by personal information
Message::addError('Ihre Metadaten stimmen nicht mit dem Test-Account {{0}} überein. '
. ' Bitte wenden Sie sich an den {{1}}-Support, wenn dieser Test-Account Ihnen gehört.', $testLogin, CONFIG_SUITE);