From 633e43127c6d1a96d47587eed2739bdaff6c3d4f Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Sat, 16 Nov 2013 15:42:16 +0100 Subject: Add minilinux download functionality and ipxe compilation scripts --- modules/adduser.inc.php | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'modules/adduser.inc.php') diff --git a/modules/adduser.inc.php b/modules/adduser.inc.php index 04b6044f..f152643b 100644 --- a/modules/adduser.inc.php +++ b/modules/adduser.inc.php @@ -10,6 +10,9 @@ if (isset($_POST['action']) && $_POST['action'] === 'adduser') { } elseif ($_POST['pass1'] !== $_POST['pass2']) { Message::addError('password-mismatch'); Util::redirect('?do=adduser'); + } elseif (Database::queryFirst('SELECT userid FROM user LIMIT 1') !== false) { + Message::addError('adduser-disabled'); + Util::redirect('?do=session&action=login'); } else { $data = array( 'user' => $_POST['user'], @@ -22,17 +25,18 @@ if (isset($_POST['action']) && $_POST['action'] === 'adduser') { if (Database::exec('INSERT INTO user SET login = :user, passwd = :pass, fullname = :fullname, phone = :phone, email = :email', $data) != 1) { Util::traceError('Could not create new user in DB'); } - $adduser_success = true; + // Make it superadmin if first user. This method sucks as it's a race condition but hey... + $ret = Database::queryFirst('SELECT Count(*) AS num FROM user'); + if ($ret !== false && $ret['num'] == 1) { + Database::exec('UPDATE user SET permissions = 1'); + } + Message::addInfo('adduser-success'); + Util::redirect('?do=session&action=login'); } } function render_module() { - // A user was added. Show success message and bail out - if (isset($adduser_success)) { - Message::addInfo('adduser-success'); - return; - } // No user was added, check if current user is allowed to add a new user // Currently you can only add users if there is no user yet. :) if (Database::queryFirst('SELECT userid FROM user LIMIT 1') !== false) { -- cgit v1.2.3-55-g7522