bibsonomy / BibSonomy / issues / #1742 - Entries in OpenId table with no corresponding entry in user table — Bitbucket

Issue #1742 resolved

Daniel Zoller created an issue 2012-11-12

I found out that some entries in the openIDUser table have no corresponding entry in the user table. If someone registers a new user with one of these usernames someone else has access to the new user account.

I found this on the BibLicious database, could someone of the senior developers check the BibSonomy's database?

Comments (7)

Thomas Niebler
still there
- 2013-07-24T15:08:51+00:00

Daniel Zoller reporter

query should be

CREATE TEMPORARY TABLE unknown_openid_users SELECT user_name FROM openIDUser LEFT JOIN user USING(user_name) WHERE user_password IS NULL;
DELETE FROM openIDUser WHERE user_name IN (SELECT user_name FROM unknown_openid_users);
DROP TABLE unknown_openid_users;

2013-12-15T21:45:35+00:00

Daniel Zoller reporter
- changed version to 2.0.42
- edited description
- 2014-02-21T13:54:28+00:00
Daniel Zoller reporter
- changed status to open
- 2014-02-21T13:54:38+00:00
Daniel Zoller reporter
- changed component to database
- 2014-02-21T16:46:34+00:00
Daniel Zoller reporter
- changed status to resolved
- 2014-03-28T12:13:10+00:00
Daniel Zoller reporter
- changed version to 2.0.43
- 2014-03-28T12:14:26+00:00
Log in to comment

Assignee: Daniel Zoller

Type: bug

Priority: blocker

Status: resolved

Component: database

Milestone: –

Version: 2.0.43

Votes: 0

Watchers: 0

Jira Software: the preferred issue tracker for Bitbucket. Join the team!