Fix more saml vs internal switches, messages, errors. Allow empty user perms.

2021-05-07 15:57:31 -04:00
parent 37806023dc
commit 4ce405ca75
4 changed files with 64 additions and 5 deletions
--- a/users.php
+++ b/users.php
@@ -220,6 +220,7 @@ if (Registry::AUTHMETHOD == 'INTERNAL') {
 };

    if (!empty($_POST['editusercomplete'])):                              // EDIT USER
+      if (Registry::AUTHMETHOD == 'INTERNAL') {
        require_once("src/Misc/PasswordHash.php");
        if (empty($_POST['username'])): $errors['username'] = $transLang['USERNAME_NOTEMPTY']; endif;
        if (preg_match('/[^a-zA-Z0-9 .-_]/', $_POST['username'])): $errors['username'] = $transLang['ILLEGAL_CHARACTERS']; endif;
@@ -234,18 +235,22 @@ if (Registry::AUTHMETHOD == 'INTERNAL') {
      //      if ($existing[0]["users_username"] == $_POST['username']): $errors['username'] = $transLang['USERNAME_USED']; endif;
     //       if ($existing[0]["users_email"] == $email): $errors['email'] = $transLang['PASSWORD_USED']; endif;
     //   endif;
+      }
    endif;
    if (!empty($_POST['editusercomplete']) && empty($errors)):
     //   $hasher = new PasswordHash(8, FALSE);
      //  $password = $hasher->HashPassword($_POST['password']);
-        $Users->editUserInfo($_POST['edituserid'], $_POST['firstname'], $_POST['lastname'], $_POST['username'], $_POST['email'], $_POST['usertype']);
+      if (Registry::AUTHMETHOD == 'INTERNAL') {
+        $editedusername=$_POST['username'];
+      } else {
+          $editedusername="SAML/SSO";
+      }
+        $Users->editUserInfo($_POST['edituserid'], $_POST['firstname'], $_POST['lastname'], $editedusername, $_POST['email'], $_POST['usertype']);
       //foreach loop to check if exists, if new, delete or add as needed
-        if (!empty($_POST['sitepermissions'])){
        $SiteInfo->delSitePerms($_POST['edituserid']);
        foreach($_POST['sitepermissions'] as $editsitepermission) {
            $SiteInfo->setSitePerms($editsitepermission, $_POST['edituserid']);
        }
-        }
        header('Location: ' . $_SERVER['PHP_SELF']);
    endif;

@@ -340,9 +345,11 @@ if (0 === $row_count): else: $page_count = (int)ceil($row_count / $StaticFunctio
                    <div class="modal-body">
                        <form class="form-inline my-2 my-lg-0" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
                            <div class="row">
+                                <?php if (Registry::AUTHMETHOD == 'INTERNAL') { ?>
                                <div class="col-sm">
                                    <p class="lead"><?php echo $transLang['ADD_USER_DESC'] . $minpasslength; ?></p>
                                </div>
+                                <?php } ?>
                            </div>
                                <fieldset id="registration">
                                    <div class="form-group">