diff options
author | Jérôme Schneider <jschneider@entrouvert.com> | 2015-04-03 15:05:58 (GMT) |
---|---|---|
committer | Jérôme Schneider <jschneider@entrouvert.com> | 2015-04-03 15:05:58 (GMT) |
commit | a162b120ae55adc756e68a1f6ca469c8eade924d (patch) | |
tree | 3b793f4a57f059f50caf5f55f5921b2e64db8bcd | |
parent | 87890ad29707f994ac6e785030b48216e0010ede (diff) | |
download | spip-saml-a162b120ae55adc756e68a1f6ca469c8eade924d.zip spip-saml-a162b120ae55adc756e68a1f6ca469c8eade924d.tar.gz spip-saml-a162b120ae55adc756e68a1f6ca469c8eade924d.tar.bz2 |
login_saml: test if we have a nameid in saml attributes
-rw-r--r-- | balise/login_saml.php | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/balise/login_saml.php b/balise/login_saml.php index 5a2c6db..db14b52 100644 --- a/balise/login_saml.php +++ b/balise/login_saml.php @@ -72,10 +72,15 @@ function login_saml_successfull() $nameid = $attributes['NameID'][0]; $display_name = $first_name . ' ' . $last_name; + if (!$nameid) { + spip_log("[auth_saml] no NameID found in SAML attributes, cancel login", _LOG_ERREUR); + redirige_par_entete('/'); + } + spip_log("[auth_saml] authentification reussi pour l'utilisateur =".$email); // Si l'utilisateur figure deja dans la base, y recuperer les infos - $result = spip_query("SELECT * FROM spip_auteurs WHERE nameid=". _q($nameid) ." AND statut<>'6form'" ); + $result = spip_query("SELECT * FROM spip_auteurs WHERE nameid=". _q($nameid) ." AND statut<>'6form'"); $row_auteur = spip_fetch_array($result); if (!$row_auteur) { |