diff options
author | justdave%syndicomm.com <> | 2002-04-02 08:52:37 +0200 |
---|---|---|
committer | justdave%syndicomm.com <> | 2002-04-02 08:52:37 +0200 |
commit | a8c72c4d3b30aa45a587a846d825235f5e8fc8a5 (patch) | |
tree | 7200e87785413e4e8104860ea10ff394e716d108 /globals.pl | |
parent | 0e583bdb0923a962fcef1af39896398862e13077 (diff) | |
download | bugzilla-a8c72c4d3b30aa45a587a846d825235f5e8fc8a5.tar.gz bugzilla-a8c72c4d3b30aa45a587a846d825235f5e8fc8a5.tar.xz |
Remaining pieces of Bug 23067 from yesterday... no idea why the first commit didn't pick these up.
Diffstat (limited to 'globals.pl')
-rw-r--r-- | globals.pl | 37 |
1 files changed, 33 insertions, 4 deletions
diff --git a/globals.pl b/globals.pl index 562237a68..cb3612671 100644 --- a/globals.pl +++ b/globals.pl @@ -671,6 +671,8 @@ sub GetVersionTable { $mtime = 0; } if (time() - $mtime > 3600) { + use Token; + Token::CleanTokenTable(); GenerateVersionTable(); } require 'data/versioncache'; @@ -686,6 +688,31 @@ sub GetVersionTable { } +# Validates a given username as a new username +# returns 1 if valid, 0 if invalid +sub ValidateNewUser { + my ($username, $old_username) = @_; + + if(DBname_to_id($username) != 0) { + return 0; + } + + # Reject if the new login is part of an email change which is + # still in progress + SendSQL("SELECT eventdata FROM tokens WHERE tokentype = 'emailold' + AND eventdata like '%:$username' + OR eventdata like '$username:%'"); + if (my ($eventdata) = FetchSQLData()) { + # Allow thru owner of token + if($old_username && ($eventdata eq "$old_username:$username")) { + return 1; + } + return 0; + } + + return 1; +} + sub InsertNewUser { my ($username, $realname) = (@_); @@ -963,10 +990,12 @@ sub DBNameToIdAndCheck { return $result; } if ($forceok) { - InsertNewUser($name, ""); - $result = DBname_to_id($name); - if ($result > 0) { - return $result; + if(ValidateNewUser($name)) { + InsertNewUser($name, ""); + $result = DBname_to_id($name); + if ($result > 0) { + return $result; + } } print "Yikes; couldn't create user $name. Please report problem to " . Param("maintainer") ."\n"; |