From fde4238d4e19605c446f4741d60adc5a22d59229 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20P=C3=A9ters?= <fpeters@entrouvert.com>
Date: Sun, 1 Nov 2020 15:05:49 +0100
Subject: [PATCH] check names before creating User object (#48162)

(I don't know if creating the User object had any effet on the database
but better safe than sorry)
---
 lib/account_controller_patch.rb | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/lib/account_controller_patch.rb b/lib/account_controller_patch.rb
index c6d6600..78c8855 100644
--- a/lib/account_controller_patch.rb
+++ b/lib/account_controller_patch.rb
@@ -8,16 +8,16 @@ module AccountControllerNameCheckPatch
           @user = User.new(:language => current_language.to_s)
         else
           user_params = params[:user] || {}
-          @user = User.new
-          @user.safe_attributes = user_params
-          @user.pref.attributes = params[:pref] if params[:pref]
-          @user.admin = false
-          if @user.firstname == @user.lastname
+          if user_params[:firstname] == user_params[:lastname]
             # common spam pattern
             flash[:error] = "Error registering account."
             redirect_to home_url
             return
           end
+          @user = User.new
+          @user.safe_attributes = user_params
+          @user.pref.attributes = params[:pref] if params[:pref]
+          @user.admin = false
           @user.register
           if session[:auth_source_registration]
             @user.activate