diff options
author | Yorhel <git@yorhel.nl> | 2019-10-03 18:01:17 +0200 |
---|---|---|
committer | Yorhel <git@yorhel.nl> | 2019-10-03 18:01:17 +0200 |
commit | 5ab9f4c5a7008cf832330fdbc7d5337d768dc8ee (patch) | |
tree | a9a1b3b9ee1612fa3dc95962b15501b518ddfcf0 /util | |
parent | 3f7769d2ba4047e8766e511b7a42c7aa4721f6f8 (diff) |
Disallow changing email address to one already used by another account
Diffstat (limited to 'util')
-rw-r--r-- | util/sql/func.sql | 4 | ||||
-rw-r--r-- | util/updates/update_20191003b.sql | 1 |
2 files changed, 3 insertions, 2 deletions
diff --git a/util/sql/func.sql b/util/sql/func.sql index 0ffe902d..cdf1b605 100644 --- a/util/sql/func.sql +++ b/util/sql/func.sql @@ -769,8 +769,8 @@ CREATE OR REPLACE FUNCTION user_isvalidsession(integer, bytea, session_type) RET $$ LANGUAGE SQL SECURITY DEFINER; -CREATE OR REPLACE FUNCTION user_emailexists(text) RETURNS boolean AS $$ - SELECT true FROM users WHERE lower(mail) = lower($1) LIMIT 1 +CREATE OR REPLACE FUNCTION user_emailexists(text, integer) RETURNS boolean AS $$ + SELECT true FROM users WHERE lower(mail) = lower($1) AND ($2 IS NULL OR id <> $2) LIMIT 1 $$ LANGUAGE SQL SECURITY DEFINER; diff --git a/util/updates/update_20191003b.sql b/util/updates/update_20191003b.sql index a7342463..d3c41005 100644 --- a/util/updates/update_20191003b.sql +++ b/util/updates/update_20191003b.sql @@ -13,6 +13,7 @@ DROP FUNCTION user_isloggedin(integer, bytea); DROP FUNCTION user_update_lastused(integer, bytea); DROP FUNCTION user_isvalidtoken(integer, bytea); DROP FUNCTION user_setmail(integer, integer, bytea, text); +DROP FUNCTION user_emailexists(text); -- Convert old password reset tokens to the new session format INSERT INTO sessions (uid, token, expires, type) |