X-Git-Url: http://git.annexia.org/?a=blobdiff_plain;f=scripts%2Fcreate_user.ml;h=e8e136e3f8608bfc7518e08e312eef2445bffa81;hb=5fbc0955aef8b887a7bd1d91ff7b1a0ba9d1b90a;hp=5f6be277719de7bd0be62d67fae443e294590aa9;hpb=6b0b6830a2e784eee99dcd1b1a3cb8b44e27c765;p=cocanwiki.git diff --git a/scripts/create_user.ml b/scripts/create_user.ml index 5f6be27..e8e136e 100644 --- a/scripts/create_user.ml +++ b/scripts/create_user.ml @@ -1,7 +1,7 @@ (* COCANWIKI - a wiki written in Objective CAML. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: create_user.ml,v 1.3 2004/09/23 11:56:47 rich Exp $ + * $Id: create_user.ml,v 1.7 2006/03/27 18:09:46 rich Exp $ * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -28,69 +28,70 @@ open Cocanwiki open Cocanwiki_ok open Cocanwiki_strings -let run r (q : cgi) (dbh : Dbi.connection) hostid _ _ = +let run r (q : cgi) dbh hostid _ _ = let username = trim (q#param "username") in let password1 = trim (q#param "password1") in let password2 = trim (q#param "password2") in if username = "" || password1 = "" || password2 = "" then ( error ~back_button:true ~title:"Bad username or password" - q "The username or password you gave is empty."; + dbh hostid q "The username or password you gave is empty."; return () ); if password1 <> password2 then ( error ~back_button:true ~title:"Passwords don't match" - q "The two passwords you gave aren't identical."; + dbh hostid q "The two passwords you gave aren't identical."; return () ); let password = password1 in - (* - Uh oh ... Not making UNICODE assumptions ... XXX - if String.length username > 32 || String.length password > 32 then - *) - - let email = trim (q#param "email") in - let email = if string_is_whitespace email then `Null else `String email in + if UTF8.length username > 32 || UTF8.length password > 128 then ( + error ~back_button:true ~title:"Username or password too long" + dbh hostid q "Usernames should be less than 32 characters long. For passwords we let you have a generous 128 characters."; + return () + ); (* Not a duplicate? *) - let sth = dbh#prepare_cached "select id from users - where hostid = ? and name = ?" in - sth#execute [`Int hostid; `String username]; - - (try - sth#fetch1 (); - error ~back_button:true ~title:"Username already taken" - q "Someone has already taken that username."; - return () - with - Not_found -> ()); + let rows = PGSQL(dbh) + "select id from users where hostid = $hostid and name = $username" in + + (match rows with + | [_] -> + error ~back_button:true ~title:"Username already taken" + dbh hostid q "Someone has already taken that username."; + return () + | [] -> () + | _ -> assert false + ); let can_edit = q#param_true "can_edit" in let can_manage_users = q#param_true "can_manage_users" in let can_manage_contacts = q#param_true "can_manage_contacts" in let can_manage_site = q#param_true "can_manage_site" in let can_edit_global_css = q#param_true "can_edit_global_css" in + let can_import_mail = q#param_true "can_import_mail" in + let force_password_change = q#param_true "force_password_change" in (* Create the user account. *) - let sth = dbh#prepare_cached "insert into users (name, password, email, - hostid, can_edit, can_manage_users, - can_manage_contacts, can_manage_site, - can_edit_global_css) - values (?, ?, ?, ?, ?, ?, ?, ?, ?)" in - sth#execute [`String username; `String password; email; `Int hostid; - `Bool can_edit; `Bool can_manage_users; - `Bool can_manage_contacts; `Bool can_manage_site; - `Bool can_edit_global_css]; - - dbh#commit (); + PGSQL(dbh) + "insert into users (name, password, + hostid, can_edit, can_manage_users, + can_manage_contacts, can_manage_site, + can_edit_global_css, can_import_mail, + force_password_change) + values ($username, $password, $hostid, $can_edit, $can_manage_users, + $can_manage_contacts, $can_manage_site, + $can_edit_global_css, $can_import_mail, + $force_password_change)"; + + PGOCaml.commit dbh; let buttons = [ ok_button "/_users" ] in ok ~title:"Account created" ~buttons - q ("An account was created for " ^ username ^ ".") + dbh hostid q ("An account was created for " ^ username ^ ".") let () = register_script ~restrict:[CanManageUsers] run