dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Users: Prevent duplicate usernames.

This commit is contained in:
Nate 2019-09-10 19:23:14 -06:00
parent 8e2644a39f
commit c7d5c2a7cf
3 changed files with 22 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/extensions/extension_edit.php
View File

@ -263,7 +263,7 @@
//add the user to the database //add the user to the database
$user_email = ''; $user_email = '';
if ($_SESSION["user"]["unique"]["text"] != "global") { if ($_SESSION["users"]["unique"]["text"] != "global") {
if ($autogen_users == "true") { if ($autogen_users == "true") {
$auto_user = $extension; $auto_user = $extension;
for ($i=1; $i<=$range; $i++) { for ($i=1; $i<=$range; $i++) {

34
core/users/user_edit.php
View File

@ -144,21 +144,22 @@
if ($username == '') { if ($username == '') {
message::add($text['message-required'].$text['label-username'], 'negative', 7500); message::add($text['message-required'].$text['label-username'], 'negative', 7500);
} }
if (permission_exists('user_edit') && $action == 'edit') { if (
if ($username != $username_old && $username != '') { (permission_exists('user_edit') && $action == 'edit' && $username != $username_old && $username != '') ||
$sql = "select count(*) from v_users where username = :username "; (permission_exists('user_add') && $action == 'add' && $username != '')
if ($_SESSION["user"]["unique"]["text"] != "global") { ) {
$sql .= "and domain_uuid = :domain_uuid "; $sql = "select count(*) from v_users where username = :username ";
$parameters['domain_uuid'] = $domain_uuid; if ($_SESSION["users"]["unique"]["text"] != "global") {
} $sql .= "and domain_uuid = :domain_uuid ";
$parameters['username'] = $username; $parameters['domain_uuid'] = $domain_uuid;
$database = new database;
$num_rows = $database->select($sql, $parameters, 'column');
if ($num_rows > 0) {
message::add($text['message-username_exists'], 'negative', 7500);
}
unset($sql);
} }
$parameters['username'] = $username;
$database = new database;
$num_rows = $database->select($sql, $parameters, 'column');
if ($num_rows > 0) {
message::add($text['message-username_exists'], 'negative', 7500);
}
unset($sql);
} }
if ($password != '' && $password != $password_confirm) { if ($password != '' && $password != $password_confirm) {
message::add($text['message-password_mismatch'], 'negative', 7500); message::add($text['message-password_mismatch'], 'negative', 7500);
@ -561,6 +562,7 @@
$contact_name_given = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['contact_name_given']; $contact_name_given = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['contact_name_given'];
$contact_name_family = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['contact_name_family']; $contact_name_family = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['contact_name_family'];
$contact_organization = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['contact_organization']; $contact_organization = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['contact_organization'];
$group_uuid_name = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['group_uuid_name'];
$user_settings["message"]["key"]["text"] = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['message_key']; $user_settings["message"]["key"]["text"] = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['message_key'];
$unsaved = true; $unsaved = true;
@ -1055,10 +1057,10 @@
echo "</form>"; echo "</form>";
if (permission_exists("user_edit") && permission_exists('user_setting_view') && $action == 'edit') { if (permission_exists("user_edit") && permission_exists('user_setting_view') && $action == 'edit') {
require $_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/core/user_settings/user_settings.php"; require $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/core/user_settings/user_settings.php";
} }
//include the footer //include the footer
require_once "resources/footer.php"; require_once "resources/footer.php";
?> ?>

4
resources/classes/domains.php
View File

@ -63,7 +63,9 @@ if (!class_exists('domains')) {
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED); $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
//unset all settings //unset all settings
foreach ($result as $row) { foreach ($result as $row) {
unset($_SESSION[$row['default_setting_category']]); if ($row['default_setting_category'] != 'user') { //skip off-limit categories
unset($_SESSION[$row['default_setting_category']]);
}
} }
//set the enabled settings as a session //set the enabled settings as a session
foreach ($result as $row) { foreach ($result as $row) {