Point808/LobbySIO
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update user mgmt to allow saml user add by email

Browse Source
This commit is contained in:
Josh North
2021-05-07 14:36:00 -04:00
parent 0d97c784d1
commit 337efaf2a6
3 changed files with 45 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
profile.php
View File

@@ -106,7 +106,9 @@
<h2><i class="fas fa-user-circle"></i> <?php echo $transLang['EDIT_PROFILE']; ?></h2> <h2><i class="fas fa-user-circle"></i> <?php echo $transLang['EDIT_PROFILE']; ?></h2>
</div> </div>
</div> </div>
<?php if (Registry::AUTHMETHOD == 'INTERNAL') { ?>
<p class="lead"><?php echo $transLang['ACCOUNT_INFO_DESC'] . $minpasslength; ?></p> <p class="lead"><?php echo $transLang['ACCOUNT_INFO_DESC'] . $minpasslength; ?></p>
<?php } ?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<fieldset> <fieldset>
<div class="form-group row"> <div class="form-group row">

22
src/Database/Users.php
View File

@@ -116,6 +116,18 @@ class Users {
return $rows; return $rows;
} }
public function checkSAMLUser ($email) {
$query = "
SELECT
" . Registry::DB_PRFX . "users.email as users_email
FROM " . Registry::DB_PRFX . "users
WHERE " . Registry::DB_PRFX . "users.email = \"$email\"
";
$database = new \App\LobbySIO\Database\Connect();
$rows = $database->getQuery($query);
return $rows;
}
public function addUser ($firstname, $lastname, $username, $timezone, $password, $email, $usertype) { public function addUser ($firstname, $lastname, $username, $timezone, $password, $email, $usertype) {
$query = " $query = "
INSERT INTO " . Registry::DB_PRFX . "users (" . Registry::DB_PRFX . "users.firstname, " . Registry::DB_PRFX . "users.lastname, " . Registry::DB_PRFX . "users.username, " . Registry::DB_PRFX . "users.timezone, " . Registry::DB_PRFX . "users.password, " . Registry::DB_PRFX . "users.email, " . Registry::DB_PRFX . "users.created, " . Registry::DB_PRFX . "users.usertype) INSERT INTO " . Registry::DB_PRFX . "users (" . Registry::DB_PRFX . "users.firstname, " . Registry::DB_PRFX . "users.lastname, " . Registry::DB_PRFX . "users.username, " . Registry::DB_PRFX . "users.timezone, " . Registry::DB_PRFX . "users.password, " . Registry::DB_PRFX . "users.email, " . Registry::DB_PRFX . "users.created, " . Registry::DB_PRFX . "users.usertype)
@@ -126,6 +138,16 @@ class Users {
return $count; return $count;
} }
public function addSAMLUser ($timezone, $email, $usertype) {
$query = "
INSERT INTO " . Registry::DB_PRFX . "users (" . Registry::DB_PRFX . "users.timezone, " . Registry::DB_PRFX . "users.email, " . Registry::DB_PRFX . "users.created, " . Registry::DB_PRFX . "users.usertype)
VALUES (\"$timezone\", \"$email\", NOW(), \"$usertype\")
";
$database = new \App\LobbySIO\Database\Connect();
$count = $database->runQuery($query);
return $count;
}
public function setUserInfo($uid, $firstname, $lastname, $email, $usertypeid, $password) { public function setUserInfo($uid, $firstname, $lastname, $email, $usertypeid, $password) {
$query = " $query = "
UPDATE UPDATE

22
users.php
View File

@@ -178,7 +178,7 @@
header('Location: ' . $_SERVER['PHP_SELF']); header('Location: ' . $_SERVER['PHP_SELF']);
endif; endif;
if (!empty($_POST['newuser'])): // NEW USER if (!empty($_POST['newuser'])): // NEW USER INTERNAL
require_once("src/Misc/PasswordHash.php"); require_once("src/Misc/PasswordHash.php");
if (empty($_POST['username'])): $errors['username'] = $transLang['USERNAME_NOTEMPTY']; endif; if (empty($_POST['username'])): $errors['username'] = $transLang['USERNAME_NOTEMPTY']; endif;
if (preg_match('/[^a-zA-Z0-9 .-_]/', $_POST['username'])): $errors['username'] = $transLang['ILLEGAL_CHARACTERS']; endif; if (preg_match('/[^a-zA-Z0-9 .-_]/', $_POST['username'])): $errors['username'] = $transLang['ILLEGAL_CHARACTERS']; endif;
@@ -201,6 +201,20 @@
header('Location: ' . $_SERVER['PHP_SELF']); header('Location: ' . $_SERVER['PHP_SELF']);
endif; endif;
if (!empty($_POST['newuser'])): // NEW USER SAML
$email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
if (!$email): $errors['email'] = $transLang['EMAIL_NOTVALID']; endif;
$existing = $Users->checkUser($email);
if ($existing):
if ($existing[0]["users_email"] == $email): $errors['email'] = $transLang['PASSWORD_USED']; endif;
endif;
endif;
if (!empty($_POST['newuser']) && empty($errors)):
$Users->addSAMLUser($timezone, $_POST['email'], $_POST['usertype']);
header('Location: ' . $_SERVER['PHP_SELF']);
endif;
if (!empty($_POST['editusercomplete'])): // EDIT USER if (!empty($_POST['editusercomplete'])): // EDIT USER
require_once("src/Misc/PasswordHash.php"); require_once("src/Misc/PasswordHash.php");
if (empty($_POST['username'])): $errors['username'] = $transLang['USERNAME_NOTEMPTY']; endif; if (empty($_POST['username'])): $errors['username'] = $transLang['USERNAME_NOTEMPTY']; endif;
@@ -328,6 +342,7 @@ if (0 === $row_count): else: $page_count = (int)ceil($row_count / $StaticFunctio
</div> </div>
<fieldset id="registration"> <fieldset id="registration">
<div class="form-group"> <div class="form-group">
<?php if (Registry::AUTHMETHOD == 'INTERNAL') { ?>
<div class="row"> <div class="row">
<div class="col-sm"> <div class="col-sm">
<input type="text" class="form-control" id="firstname" name="firstname" placeholder="First Name" required /> <input type="text" class="form-control" id="firstname" name="firstname" placeholder="First Name" required />
@@ -336,14 +351,18 @@ if (0 === $row_count): else: $page_count = (int)ceil($row_count / $StaticFunctio
<input type="text" class="form-control" id="lastname" name="lastname" placeholder="Last Name" required /> <input type="text" class="form-control" id="lastname" name="lastname" placeholder="Last Name" required />
</div> </div>
</div> </div>
<?php } ?>
<div class="row"> <div class="row">
<?php if (Registry::AUTHMETHOD == 'INTERNAL') { ?>
<div class="col-sm"> <div class="col-sm">
<input type="text" class="form-control" id="username" name="username" placeholder="Username" required /> <input type="text" class="form-control" id="username" name="username" placeholder="Username" required />
</div> </div>
<?php } ?>
<div class="col-sm"> <div class="col-sm">
<input type="text" class="form-control" id="email" name="email" placeholder="Email" /> <input type="text" class="form-control" id="email" name="email" placeholder="Email" />
</div> </div>
</div> </div>
<?php if (Registry::AUTHMETHOD == 'INTERNAL') { ?>
<div class="row"> <div class="row">
<div class="col-sm"> <div class="col-sm">
<input type="password" class="form-control" id="password" name="password" placeholder="Password" required /> <input type="password" class="form-control" id="password" name="password" placeholder="Password" required />
@@ -352,6 +371,7 @@ if (0 === $row_count): else: $page_count = (int)ceil($row_count / $StaticFunctio
<input type="password" class="form-control" id="password_confirm" name="password_confirm" placeholder="Confirm Password" required /> <input type="password" class="form-control" id="password_confirm" name="password_confirm" placeholder="Confirm Password" required />
</div> </div>
</div> </div>
<?php } ?>
<div class="row"> <div class="row">
<div class="col-sm"> <div class="col-sm">
<select class="custom-select" id="usertype" aria-label="<?php echo $transLang['ACCESS_LEVEL']; ?>" name="usertype" required> <select class="custom-select" id="usertype" aria-label="<?php echo $transLang['ACCESS_LEVEL']; ?>" name="usertype" required>