From e640c245156d400a529eb8aa37463e4d8722c553 Mon Sep 17 00:00:00 2001
From: Erik Thuning <boooink@gmail.com>
Date: Thu, 13 Mar 2025 14:49:34 +0100
Subject: [PATCH] FIX: Initiating a loan from a product no longer requires the
user to already exist.
Loans created on the checkout page and the product page used different
functions to look up users, causing inconsistent behaviour. Now both use the
"advanced" user lookup that will initialize users that don't currently exist
in the system.
---
include/Ajax.php | 2 +-
include/CheckoutPage.php | 51 ----------------------------------------
include/Responder.php | 51 ++++++++++++++++++++++++++++++++++++++++
3 files changed, 52 insertions(+), 52 deletions(-)
diff --git a/include/Ajax.php b/include/Ajax.php
index 9beb326..49adff1 100644
--- a/include/Ajax.php
+++ b/include/Ajax.php
@@ -81,7 +81,7 @@ class Ajax extends Responder {
private function checkout_product() {
$user = null;
try {
- $user = new User($_POST['user'], 'name');
+ $user = $this->user_init($_POST['user'], null);
} catch(Exception $e) {
return new Failure(i18n('Invalid user ID.'));
}
diff --git a/include/CheckoutPage.php b/include/CheckoutPage.php
index 2296f6f..7bfa219 100644
--- a/include/CheckoutPage.php
+++ b/include/CheckoutPage.php
@@ -20,57 +20,6 @@ class CheckoutPage extends Page {
}
}
- protected function user_init($name, $email) {
- $nameuser = null;
- $emailuser = null;
- if($name) {
- try {
- $nameuser = new User($name, 'name');
- } catch(Exception $ue) {
- # The user wasn't found locally
- try {
- $this->ldap->get_user($name);
- $nameuser = User::create_user($name);
- } catch(Exception $le) {
- $err = i18n("Username {name} not found.",
- $name);
- throw new Exception($err);
- }
- }
- }
- if($email) {
- try {
- $search = $email;
- if(strpos($email, '@') === false) {
- $search = $email .'@dsv.su.se';
- }
- # Lookup email directly in ldap since we don't store it
- $uid = $this->ldap->search_email($search);
- } catch(Exception $le) {
- $err = i18n('Email address {address} not found.',
- $search);
- throw new Exception($err);
- }
- try {
- $emailuser = new User($uid, 'name');
- } catch(Exception $ue) {
- # User wasn't found locally, so initialize a new user
- $emailuser = User::create_user($uid);
- }
- }
- if($nameuser && $emailuser) {
- if($nameuser != $emailuser) {
- $err = i18n('Username and email match different users.');
- throw new Exception($err);
- }
- return $nameuser;
- }
- if($nameuser) {
- return $nameuser;
- }
- return $emailuser;
- }
-
protected function render_body() {
$username = $this->userstr;
$email = $this->emailstr;
diff --git a/include/Responder.php b/include/Responder.php
index bbc9104..2787279 100644
--- a/include/Responder.php
+++ b/include/Responder.php
@@ -27,6 +27,57 @@ abstract class Responder {
abstract public function render();
+ final protected function user_init($name, $email) {
+ $nameuser = null;
+ $emailuser = null;
+ if($name) {
+ try {
+ $nameuser = new User($name, 'name');
+ } catch(Exception $ue) {
+ # The user wasn't found locally
+ try {
+ $this->ldap->get_user($name);
+ $nameuser = User::create_user($name);
+ } catch(Exception $le) {
+ $err = i18n("Username {name} not found.",
+ $name);
+ throw new Exception($err);
+ }
+ }
+ }
+ if($email) {
+ try {
+ $search = $email;
+ if(strpos($email, '@') === false) {
+ $search = $email .'@dsv.su.se';
+ }
+ # Lookup email directly in ldap since we don't store it
+ $uid = $this->ldap->search_email($search);
+ } catch(Exception $le) {
+ $err = i18n('Email address {address} not found.',
+ $search);
+ throw new Exception($err);
+ }
+ try {
+ $emailuser = new User($uid, 'name');
+ } catch(Exception $ue) {
+ # User wasn't found locally, so initialize a new user
+ $emailuser = User::create_user($uid);
+ }
+ }
+ if($nameuser && $emailuser) {
+ if($nameuser != $emailuser) {
+ $err = i18n('Username and email match different users.');
+ throw new Exception($err);
+ }
+ return $nameuser;
+ }
+ if($nameuser) {
+ return $nameuser;
+ }
+ return $emailuser;
+ }
+
final protected function escape_tags($tags) {
foreach($tags as $key => $tag) {
$tags[$key] = $this->escape_string(strtolower($tag));