Business
/
AccountHub
2
0
Fork 2
Code Issues 3 Pull Requests Releases 3 Wiki Activity

Fix "server error" message with incorrect username

Browse Source
V2_Rewrite
Skylar Ittner 6 years ago
parent 6bf1606997
commit fec5e13415
3 changed files with 14 additions and 13 deletions
Show Stats Download Patch File Download Diff File

3
.gitignore vendored
Unescape Escape View File

@ -3,4 +3,5 @@
/database.mwb.bak /database.mwb.bak
/nbproject/private /nbproject/private
*.sync-conflict* *.sync-conflict*
test* test*
/conf/

4
index.php
Unescape Escape View File

@ -50,9 +50,9 @@ if ($VARS['progress'] == "1") {
default: default:
if (!is_empty($error)) { if (!is_empty($error)) {
$alert = $error; $alert = $error;
break; } else {
$alert = lang("login error", false);
} }
$alert = lang("login error", false);
break; break;
} }
if ($username_ok) { if ($username_ok) {

20
lib/login.php
Unescape Escape View File

@ -127,19 +127,19 @@ function change_password($old, $new, $new2, &$error) {
function account_location($username) { function account_location($username) {
global $database; global $database;
$username = strtolower($username); $username = strtolower($username);
$user_exists = user_exists_local($username); $user_exists_local = user_exists_local($username);
if (!$user_exists && !LDAP_ENABLED) { if (!$user_exists_local && !LDAP_ENABLED) {
return false; return "NONE";
} }
if ($user_exists) { if ($user_exists_local) {
$userinfo = $database->select('accounts', ['password'], ['username' => $username])[0]; $userinfo = $database->select('accounts', ['password'], ['username' => $username])[0];
// if password empty, it's an LDAP user // if password empty, it's an LDAP user
if (is_empty($userinfo['password']) && LDAP_ENABLED) { if (!is_empty($userinfo['password'])) {
return "LOCAL";
} else if (is_empty($userinfo['password']) && LDAP_ENABLED) {
return "LDAP"; return "LDAP";
} else if (is_empty($userinfo['password']) && !LDAP_ENABLED) {
return "NONE";
} else { } else {
return "LOCAL"; return "NONE";
} }
} else { } else {
if (user_exists_ldap($username)) { if (user_exists_ldap($username)) {
@ -161,7 +161,7 @@ function authenticate_user($username, $password, &$errormsg = null, &$errorcode
global $ldap; global $ldap;
$username = strtolower($username); $username = strtolower($username);
if (is_empty($username) || is_empty($password)) { if (is_empty($username) || is_empty($password)) {
return false; return "NONE";
} }
$loc = account_location($username, $password); $loc = account_location($username, $password);
switch ($loc) { switch ($loc) {
@ -200,7 +200,7 @@ function user_exists($username) {
function user_exists_local($username) { function user_exists_local($username) {
global $database; global $database;
$username = strtolower($username); $username = strtolower($username);
return $database->has('accounts', ['username' => $username, "LIMIT" => QUERY_LIMIT]); return $database->has('accounts', ['username' => $username]) === TRUE;
} }
/** /**

Write Preview
Loading…
Cancel
Save