external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Use username from the database if one is provided by the user

Browse source 
This fixes a bug where the new user name input by the user was
invalid, causing the account deletion link and the form action to be
wrong.

Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This commit is contained in:
Marcel Korpel 2015-07-19 22:32:04 +02:00 committed by Lukas Fleischer
parent f2ff9782a5
commit 7927a6decd
3 changed files with 9 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
web/html/account.php
View file

@ -61,7 +61,7 @@ if (isset($_COOKIE["AURSID"])) {
$row["AccountTypeID"], $row["Suspended"], $row["Email"], $row["AccountTypeID"], $row["Suspended"], $row["Email"],
"", "", $row["RealName"], $row["LangPreference"], "", "", $row["RealName"], $row["LangPreference"],
$row["IRCNick"], $row["PGPKey"], $PK, $row["IRCNick"], $row["PGPKey"], $PK,
$row["InactivityTS"] ? 1 : 0, $row["ID"]); $row["InactivityTS"] ? 1 : 0, $row["ID"], $row["Username"]);
} else { } else {
print __("You do not have permission to edit this account."); print __("You do not have permission to edit this account.");
} }
@ -100,7 +100,7 @@ if (isset($_COOKIE["AURSID"])) {
in_request("E"), in_request("P"), in_request("C"), in_request("E"), in_request("P"), in_request("C"),
in_request("R"), in_request("L"), in_request("I"), in_request("R"), in_request("L"), in_request("I"),
in_request("K"), in_request("PK"), in_request("J"), in_request("K"), in_request("PK"), in_request("J"),
in_request("ID")); in_request("ID"), $row["Username"]);
} }
} else { } else {
if (has_credential(CRED_ACCOUNT_SEARCH)) { if (has_credential(CRED_ACCOUNT_SEARCH)) {

8
web/lib/acctfuncs.inc.php
View file

@ -56,11 +56,12 @@ function html_format_pgp_fingerprint($fingerprint) {
* @param string $PK The list of SSH public keys * @param string $PK The list of SSH public keys
* @param string $J The inactivity status of the displayed user * @param string $J The inactivity status of the displayed user
* @param string $UID The user ID of the displayed user * @param string $UID The user ID of the displayed user
* @param string $N The username as present in the database
* *
* @return void * @return void
*/ */
function display_account_form($A,$U="",$T="",$S="",$E="",$P="",$C="",$R="", function display_account_form($A,$U="",$T="",$S="",$E="",$P="",$C="",$R="",
$L="",$I="",$K="",$PK="",$J="", $UID=0) { $L="",$I="",$K="",$PK="",$J="",$UID=0,$N="") {
global $SUPPORTED_LANGS; global $SUPPORTED_LANGS;
include("account_edit_form.php"); include("account_edit_form.php");
@ -86,11 +87,12 @@ function display_account_form($A,$U="",$T="",$S="",$E="",$P="",$C="",$R="",
* @param string $PK The list of public SSH keys * @param string $PK The list of public SSH keys
* @param string $J The inactivity status of the user * @param string $J The inactivity status of the user
* @param string $UID The user ID of the modified account * @param string $UID The user ID of the modified account
* @param string $N The username as present in the database
* *
* @return string|void Return void if successful, otherwise return error * @return string|void Return void if successful, otherwise return error
*/ */
function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$P="",$C="", function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$P="",$C="",
$R="",$L="",$I="",$K="",$PK="",$J="",$UID=0) { $R="",$L="",$I="",$K="",$PK="",$J="",$UID=0,$N="") {
global $SUPPORTED_LANGS; global $SUPPORTED_LANGS;
$error = ''; $error = '';
@ -247,7 +249,7 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$P="",$C="",
if ($error) { if ($error) {
print "<ul class='errorlist'><li>".$error."</li></ul>\n"; print "<ul class='errorlist'><li>".$error."</li></ul>\n";
display_account_form($A, $U, $T, $S, $E, "", "", display_account_form($A, $U, $T, $S, $E, "", "",
$R, $L, $I, $K, $PK, $J, $UID); $R, $L, $I, $K, $PK, $J, $UID, $N);
return; return;
} }

4
web/template/account_edit_form.php
View file

@ -1,9 +1,9 @@
<?php if ($A == "UpdateAccount"): ?> <?php if ($A == "UpdateAccount"): ?>
<p> <p>
<?= __('Click %shere%s if you want to permanently delete this account.', '<a href="' . get_user_uri($U) . 'delete/' . '">', '</a>') ?> <?= __('Click %shere%s if you want to permanently delete this account.', '<a href="' . get_user_uri($N) . 'delete/' . '">', '</a>') ?>
</p> </p>
<form id="edit-profile-form" action="<?= get_user_uri($U) . 'update/'; ?>" method="post"> <form id="edit-profile-form" action="<?= get_user_uri($N) . 'update/'; ?>" method="post">
<?php else: ?> <?php else: ?>
<form id="edit-profile-form" action="<?= get_uri('/register/'); ?>" method="post"> <form id="edit-profile-form" action="<?= get_uri('/register/'); ?>" method="post">
<?php endif; ?> <?php endif; ?>