Merge branch 'MDL-46975-master' of git://github.com/junpataleta/moodle

moodle · Apr 10, 2019 · e9cbc45 · e9cbc45
2 parents 62536ae + cd69d45
commit e9cbc45
Show file tree

Hide file tree

Showing 2 changed files with 47 additions and 5 deletions.
diff --git a/auth/email/tests/behat/signup.feature b/auth/email/tests/behat/signup.feature
@@ -63,3 +63,36 @@ Feature: User must accept policy when logging in and signing up
     And I log in as "user1"
     And I open my profile in edit mode
     And the field "First name" matches value "User1"
+
+  Scenario Outline: Email validation during email registration
+    Given the following config values are set as admin:
+      | allowaccountssameemail | <allowsameemail> |
+      | registerauth           | email              |
+      | passwordpolicy         | 0                  |
+    And the following "users" exist:
+      | username | firstname | lastname | email          |
+      | s1       | John      | Doe      | s1@example.com |
+    And I am on site homepage
+    And I follow "Log in"
+    When I press "Create new account"
+    And I set the following fields to these values:
+      | Username      | s2      |
+      | Password      | test    |
+      | Email address | <email1> |
+      | Email (again) | <email2> |
+      | First name    | Jane    |
+      | Surname       | Doe     |
+    And I press "Create my new account"
+    Then I should <expect> "This email address is already registered. Perhaps you created an account in the past?"
+    And I should <expect2> "Invalid email address"
+
+    Examples:
+      | allowsameemail | email1         | email2         | expect  | expect2 |
+      | 0              | s1@example.com | s1@example.com | see     | not see |
+      | 0              | S1@EXAMPLE.COM | S1@EXAMPLE.COM | see     | not see |
+      | 0              | s1@example.com | S1@EXAMPLE.COM | see     | not see |
+      | 0              | s2@example.com | s1@example.com | not see | see     |
+      | 1              | s1@example.com | s1@example.com | not see | not see |
+      | 1              | S1@EXAMPLE.COM | S1@EXAMPLE.COM | not see | not see |
+      | 1              | s1@example.com | S1@EXAMPLE.COM | not see | not see |
+      | 1              | s1@example.com | s2@example.com | not see | see     |
diff --git a/lib/authlib.php b/lib/authlib.php
@@ -979,15 +979,24 @@ function signup_validate_data($data, $files) {
     if (! validate_email($data['email'])) {
         $errors['email'] = get_string('invalidemail');
 
-    } else if ($DB->record_exists('user', array('email' => $data['email']))) {
-        $errors['email'] = get_string('emailexists') . ' ' .
-                get_string('emailexistssignuphint', 'moodle',
-                        html_writer::link(new moodle_url('/login/forgot_password.php'), get_string('emailexistshintlink')));
+    } else if (empty($CFG->allowaccountssameemail)) {
+        // Make a case-insensitive query for the given email address.
+        $select = $DB->sql_equal('email', ':email', false) . ' AND mnethostid = :mnethostid';
+        $params = array(
+            'email' => $data['email'],
+            'mnethostid' => $CFG->mnet_localhost_id,
+        );
+        // If there are other user(s) that already have the same email, show an error.
+        if ($DB->record_exists_select('user', $select, $params)) {
+            $forgotpasswordurl = new moodle_url('/login/forgot_password.php');
+            $forgotpasswordlink = html_writer::link($forgotpasswordurl, get_string('emailexistshintlink'));
+            $errors['email'] = get_string('emailexists') . ' ' . get_string('emailexistssignuphint', 'moodle', $forgotpasswordlink);
+        }
     }
     if (empty($data['email2'])) {
         $errors['email2'] = get_string('missingemail');
 
-    } else if ($data['email2'] != $data['email']) {
+    } else if (core_text::strtolower($data['email2']) != core_text::strtolower($data['email'])) {
         $errors['email2'] = get_string('invalidemail');
     }
     if (!isset($errors['email'])) {