reguser.cgi: error instead of die on bad user name
authorKyle J. McKay <mackyle@gmail.com>
Fri, 23 Aug 2013 19:34:42 +0000 (23 12:34 -0700)
committerKyle J. McKay <mackyle@gmail.com>
Fri, 23 Aug 2013 19:34:42 +0000 (23 12:34 -0700)
Avoid dying when a registration attempt for an invalid user name
is made.  Previously creation of a User instance would be attempted
with the invalid user name which would cause die to execute.

Instead detect the error and handle it the same way as a user name
already exists and bad email error.

cgi/reguser.cgi

index 488b451..8dfd5cb 100755 (executable)
@@ -29,29 +29,33 @@ if ($cgi->param('name') && $y0 eq 'Register' && $cgi->request_method eq 'POST')
        # submitted, let's see
        # FIXME: racy, do a lock
        my $name = $gcgi->wparam('name');
-       Girocco::User::valid_name($name)
-               and Girocco::User::does_exist($name)
-               and $gcgi->err("User with that name already exists.");
-
-       my $user = Girocco::User->ghost($name);
-       if ($user->cgi_fill($gcgi)) {
-               $user->conjure;
-               my $keysdiv = '';
-               my $keylist = $user->keys_html_list;
-               if ($keylist) {
-                       $keysdiv = <<EOT;
+       if (!Girocco::User::valid_name($name)) {
+               $gcgi->err("Invalid user name.");
+               $gcgi->err_check;
+       } elsif (Girocco::User::does_exist($name)) {
+               $gcgi->err("A user with that name already exists.");
+               $gcgi->err_check;
+       } else {
+               my $user = Girocco::User->ghost($name);
+               if ($user->cgi_fill($gcgi)) {
+                       $user->conjure;
+                       my $keysdiv = '';
+                       my $keylist = $user->keys_html_list;
+                       if ($keylist) {
+                               $keysdiv = <<EOT;
 
 <div id="keys"><p>The following keys have been registered for user $name as
 shown below along with their <tt>ssh-keygen -l</tt> fingerprint:</p>
 $keylist</div>
 EOT
-               }
-               print <<EOT;
+                       }
+                       print <<EOT;
 <p>User $name successfully registered.</p>
 <p>Project administrators can now give you push access to their projects.</p>
 <p>Congratulations, and have a lot of fun!</p>$keysdiv
 EOT
-               exit;
+                       exit;
+               }
        }
 }