echosystem.fr
/
phpservermon
mirror of https://github.com/phpservermon/phpservermon.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Only __public__ can be anonymous

This commit is contained in:
TimZ99 2020-08-18 17:53:18 +02:00
parent b94d66bfc0
commit 27d9bd6a70
No known key found for this signature in database
GPG Key ID: 4D8268DC68E8339D
2 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/lang/en_US.lang.php
View File

@ -152,6 +152,7 @@ $sm_lang = array(
'error_user_password_invalid' => 'The entered password is invalid.',
'error_user_password_no_match' => 'The entered passwords do not match.',
'error_user_admin_cant_be_deleted' => 'You can\'t remove the last administrator.',
'error_user_cant_be_anonymous' => 'Only user \'__public__\' can have the level anonymous.'
),
'log' => array(
'title' => 'Log entries',

8
src/psm/Module/User/Controller/UserController.php
View File

@ -274,6 +274,14 @@ class UserController extends AbstractController
$user_validator->username($clean['user_name'], $user_id);
$user_validator->email($clean['email']);
$user_validator->level($clean['level']);
// Won't allow anonymous level for users other than __PUBLIC__
if ($clean['user_name'] !== "__PUBLIC__" && (int) $clean['level'] === (int) PSM_USER_ANONYMOUS) {
$this->addMessage(psm_get_lang('users', 'error_user_cant_be_anonymous'), 'error');
$clean['level'] = PSM_USER_USER;
}
// Won't allow removing the last admin
if (
count($this->db->select(PSM_DB_PREFIX . 'users', array('level' => PSM_USER_ADMIN))) == 1 &&
$this->getUser()->getUserLevel() == PSM_USER_ADMIN