From 9e8b0c7769a27f642e8b9c20c639e8defde98433 Mon Sep 17 00:00:00 2001
From: Luke Tainton
Date: Mon, 17 Aug 2020 15:37:15 +0100
Subject: [PATCH] :bug: User not added to DB - force die() on error

Signed-off-by: Luke Tainton
---
 app/includes/app_functions.php | 17 +++++++++++++++++
 app/public/actions/login.php | 16 ++++++----------
 2 files changed, 23 insertions(+), 10 deletions(-)

diff --git a/app/includes/app_functions.php b/app/includes/app_functions.php
index 47f0fc5..e6207ee 100644
--- a/app/includes/app_functions.php
+++ b/app/includes/app_functions.php
@@ -6,6 +6,23 @@
 return $version;
 }
 
+ function user_exists($db, $uuid)
+ {
+ try {
+ $sql = $db->prepare("SELECT uuid FROM users WHERE uuid=:uuid");
+ $sql->bindParam(':uuid', $uuid);
+ $sql->execute();
+ } catch (PDOException $e) {
+ $alert = array("danger", "Error during check for user record: " . $e->getMessage());
+ }
+ if (empty($sql))
+ {
+ return false;
+ } else {
+ return true;
+ }
+ }
+
 function get_all_users($db)
 {
 try {
diff --git a/app/public/actions/login.php b/app/public/actions/login.php
index 38fdcc1..5fb54fa 100644
--- a/app/public/actions/login.php
+++ b/app/public/actions/login.php
@@ -17,16 +17,8 @@
 $alert = array("danger", "Error during OpenID Connect authentication: " . $e->getMessage());
 }
 
- // Check if the user already exists
- try {
- $user_exist_sql = $db->prepare("SELECT uuid FROM users WHERE uuid=:uuid");
- $user_exist_sql->bindParam(':uuid', $oidc_user['sub']);
- $user_exist_sql->execute();
- } catch (PDOException $e) {
- $alert = array("danger", "Error during check for user record: " . $e->getMessage());
- }
-
- if (empty($user_exist_sql)) {
+ if (!user_exists($db, $uuid))
+ {
 // User doesn't already exist
 try {
 $stmt = "INSERT INTO users (uuid, uid, given_name, family_name, email) VALUES (:sub, :username, :given, :family, :email)";
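Review bot: `user_exists()` returns true whenever `prepare()` hands back a statement, because `empty($sql)` tests the PDOStatement object rather than the query result; an object is never empty, so a missing row is still reported as an existing user and the INSERT branch in login.php is not reached. Test the fetched row instead: `return $sql->fetch() !== false;`. The catch block assigns `$alert` to a function-local variable that no caller can read, and if `prepare()` throws, `$sql` is unset and the function answers "user does not exist"; logging and rethrowing there would keep a failed lookup distinct from an absent user in the login flow.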
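Review bot: The new call passes `$uuid`, but no assignment to `$uuid` appears in this hunk, and the removed lookup bound `$oidc_user['sub']` to `:uuid`. Unless `$uuid` is set earlier in login.php, outside the hunk, the existence check runs with an undefined variable bound as NULL and can never match a stored user. Passing the subject claim directly, `if (!user_exists($db, $oidc_user['sub']))`, keeps the check tied to the identity returned by the OpenID Connect provider.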
@@ -38,6 +30,8 @@
 $sql->bindParam(':email', $oidc_user['email']);
 $sql->execute();
 } catch (Jumbojett\PDOException $e) {
+ echo("Error during creation of new user record: " . $e->getMessage());
+ die();
 $alert = array("danger", "Error during creation of new user record: " . $e->getMessage());
 }
 } else {
@@ -52,6 +46,8 @@
 $sql->bindParam(':email', $oidc_user['email']);
 $sql->execute();
 } catch (Jumbojett\PDOException $e) {
+ echo("Error during existing user record update: " . $e->getMessage());
+ die();
 $alert = array("danger", "Error during existing user record update: " . $e->getMessage());
 }
 }
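Review bot: Both added error paths (this hunk and the one at `@@ -52,6 +46,8 @@`) echo `$e->getMessage()` straight into the HTTP response, and PDO exception text can carry SQL fragments, table and column names or driver details that should not be sent to the browser. Keep the detail in the server log and return a generic message: `error_log("Error during creation of new user record: " . $e->getMessage()); http_response_code(500); die("Unable to create user record.");`. The `$alert` assignment that follows `die()` is now unreachable and can be removed. Separately, the context line catches `Jumbojett\PDOException`; if no such class exists in that namespace the handler never fires for a plain `PDOException`, so `catch (\PDOException $e)` is probably what was meant, which is worth confirming since the try blocks open outside these hunks.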