Fossil SCM
Disallow creating users with empty login. Ticket [66ce1088].
Commit
e1ea6c26d05317f2fbd50e873512f8574544b6b2
Parent
9150a8a2349d8f1…
1 file changed
+8
+8
| --- src/setup.c | ||
| +++ src/setup.c | ||
| @@ -335,10 +335,18 @@ | ||
| 335 | 335 | if( az ){ zCap[i++] = 'z'; } |
| 336 | 336 | |
| 337 | 337 | zCap[i] = 0; |
| 338 | 338 | zPw = P("pw"); |
| 339 | 339 | zLogin = P("login"); |
| 340 | + if( strlen(zLogin)==0 ){ | |
| 341 | + style_header("User Creation Error"); | |
| 342 | + @ <span class="loginError">Empty login not allowed.</span> | |
| 343 | + @ | |
| 344 | + @ <p><a href="setup_uedit?id=%d(uid)">[Bummer]</a></p> | |
| 345 | + style_footer(); | |
| 346 | + return; | |
| 347 | + } | |
| 340 | 348 | if( isValidPwString(zPw) ){ |
| 341 | 349 | zPw = sha1_shared_secret(zPw, zLogin, 0); |
| 342 | 350 | }else{ |
| 343 | 351 | zPw = db_text(0, "SELECT pw FROM user WHERE uid=%d", uid); |
| 344 | 352 | } |
| 345 | 353 |
| --- src/setup.c | |
| +++ src/setup.c | |
| @@ -335,10 +335,18 @@ | |
| 335 | if( az ){ zCap[i++] = 'z'; } |
| 336 | |
| 337 | zCap[i] = 0; |
| 338 | zPw = P("pw"); |
| 339 | zLogin = P("login"); |
| 340 | if( isValidPwString(zPw) ){ |
| 341 | zPw = sha1_shared_secret(zPw, zLogin, 0); |
| 342 | }else{ |
| 343 | zPw = db_text(0, "SELECT pw FROM user WHERE uid=%d", uid); |
| 344 | } |
| 345 |
| --- src/setup.c | |
| +++ src/setup.c | |
| @@ -335,10 +335,18 @@ | |
| 335 | if( az ){ zCap[i++] = 'z'; } |
| 336 | |
| 337 | zCap[i] = 0; |
| 338 | zPw = P("pw"); |
| 339 | zLogin = P("login"); |
| 340 | if( strlen(zLogin)==0 ){ |
| 341 | style_header("User Creation Error"); |
| 342 | @ <span class="loginError">Empty login not allowed.</span> |
| 343 | @ |
| 344 | @ <p><a href="setup_uedit?id=%d(uid)">[Bummer]</a></p> |
| 345 | style_footer(); |
| 346 | return; |
| 347 | } |
| 348 | if( isValidPwString(zPw) ){ |
| 349 | zPw = sha1_shared_secret(zPw, zLogin, 0); |
| 350 | }else{ |
| 351 | zPw = db_text(0, "SELECT pw FROM user WHERE uid=%d", uid); |
| 352 | } |
| 353 |