Ne pas générer la configuration des comptes si on reçoit une adresse mail valide qui n'est pas un UID
This commit is contained in:
parent
851414d445
commit
74d999647f
|
@ -15,9 +15,22 @@ if(isset($_SERVER['QUERY_STRING']) && preg_match('/^.+@' . DOMAIN . '$/', $_SERV
|
|||
// Lookup the user
|
||||
$result = ldap_search($link, USER_BASE, "uid=" . $uid);
|
||||
$user = ldap_get_entries($link, $result);
|
||||
$configaccounts = 1;
|
||||
if($user['count'] == 0) {
|
||||
// user not found
|
||||
exit;
|
||||
$result = ldap_search($link, USER_BASE, "mail=" . $_SERVER['QUERY_STRING']);
|
||||
$user = ldap_get_entries($link, $result);
|
||||
if ($user['count'] == 1){
|
||||
// If we received an valid email address and not an uid
|
||||
// considere TB as already configured
|
||||
// so we don't need to generate accounts config
|
||||
// only general settings will be sent
|
||||
$configaccounts = 0;
|
||||
}
|
||||
else{
|
||||
// user not found
|
||||
header("HTTP/1.1 403 Forbidden");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
$pref = TB_PREF;
|
||||
// Don't lock pref if the user is member of some special groups
|
||||
|
@ -30,8 +43,12 @@ if(isset($_SERVER['QUERY_STRING']) && preg_match('/^.+@' . DOMAIN . '$/', $_SERV
|
|||
}
|
||||
}
|
||||
else {
|
||||
// We've not received a valid email address
|
||||
header("HTTP/1.1 403 Forbidden");
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($configaccounts == 1){
|
||||
?>
|
||||
|
||||
// Linux / UNIX ?
|
||||
|
@ -107,6 +124,12 @@ $id++;
|
|||
<?php echo $pref;?>("mail.account.account2.identities", "<?php echo $identities;?>");
|
||||
<?php echo $pref;?>("mail.accountmanager.accounts", "account1,account2");
|
||||
|
||||
|
||||
<?php
|
||||
// End if for account settings
|
||||
}
|
||||
?>
|
||||
|
||||
// Disable auto updates
|
||||
<?php echo $pref;?>("app.update.enabled", false);
|
||||
<?php echo $pref;?>("app.update.auto", false);
|
||||
|
|
Loading…
Reference in New Issue