From 7927a6decd07bb80223ea22bf1db395aa7c12cc4 Mon Sep 17 00:00:00 2001 From: Marcel Korpel Date: Sun, 19 Jul 2015 22:32:04 +0200 Subject: Use username from the database if one is provided by the user This fixes a bug where the new user name input by the user was invalid, causing the account deletion link and the form action to be wrong. Signed-off-by: Marcel Korpel Signed-off-by: Lukas Fleischer --- web/html/account.php | 4 ++-- web/lib/acctfuncs.inc.php | 8 +++++--- web/template/account_edit_form.php | 4 ++-- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/web/html/account.php b/web/html/account.php index c447de3..f5e6c19 100644 --- a/web/html/account.php +++ b/web/html/account.php @@ -61,7 +61,7 @@ if (isset($_COOKIE["AURSID"])) { $row["AccountTypeID"], $row["Suspended"], $row["Email"], "", "", $row["RealName"], $row["LangPreference"], $row["IRCNick"], $row["PGPKey"], $PK, - $row["InactivityTS"] ? 1 : 0, $row["ID"]); + $row["InactivityTS"] ? 1 : 0, $row["ID"], $row["Username"]); } else { print __("You do not have permission to edit this account."); } @@ -100,7 +100,7 @@ if (isset($_COOKIE["AURSID"])) { in_request("E"), in_request("P"), in_request("C"), in_request("R"), in_request("L"), in_request("I"), in_request("K"), in_request("PK"), in_request("J"), - in_request("ID")); + in_request("ID"), $row["Username"]); } } else { if (has_credential(CRED_ACCOUNT_SEARCH)) { diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php index 2b57b2d..9d6f5ee 100644 --- a/web/lib/acctfuncs.inc.php +++ b/web/lib/acctfuncs.inc.php @@ -56,11 +56,12 @@ function html_format_pgp_fingerprint($fingerprint) { * @param string $PK The list of SSH public keys * @param string $J The inactivity status of the displayed user * @param string $UID The user ID of the displayed user + * @param string $N The username as present in the database * * @return void */ function display_account_form($A,$U="",$T="",$S="",$E="",$P="",$C="",$R="", - $L="",$I="",$K="",$PK="",$J="", $UID=0) { + $L="",$I="",$K="",$PK="",$J="",$UID=0,$N="") { global $SUPPORTED_LANGS; include("account_edit_form.php"); @@ -86,11 +87,12 @@ function display_account_form($A,$U="",$T="",$S="",$E="",$P="",$C="",$R="", * @param string $PK The list of public SSH keys * @param string $J The inactivity status of the user * @param string $UID The user ID of the modified account + * @param string $N The username as present in the database * * @return string|void Return void if successful, otherwise return error */ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$P="",$C="", - $R="",$L="",$I="",$K="",$PK="",$J="",$UID=0) { + $R="",$L="",$I="",$K="",$PK="",$J="",$UID=0,$N="") { global $SUPPORTED_LANGS; $error = ''; @@ -247,7 +249,7 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$P="",$C="", if ($error) { print "
  • ".$error."
\n"; display_account_form($A, $U, $T, $S, $E, "", "", - $R, $L, $I, $K, $PK, $J, $UID); + $R, $L, $I, $K, $PK, $J, $UID, $N); return; } diff --git a/web/template/account_edit_form.php b/web/template/account_edit_form.php index 56bdd45..0aadb9d 100644 --- a/web/template/account_edit_form.php +++ b/web/template/account_edit_form.php @@ -1,9 +1,9 @@

- ', '') ?> + ', '') ?>

-
+ -- cgit v1.2.3-70-g09d2