diff --git a/root/usr/share/mozilla-mcd/firefox.php b/root/usr/share/mozilla-mcd/firefox.php index 93aad45..16e568b 100644 --- a/root/usr/share/mozilla-mcd/firefox.php +++ b/root/usr/share/mozilla-mcd/firefox.php @@ -17,8 +17,13 @@ if(isset($_SERVER['QUERY_STRING']) && preg_match('/^.+@' . DOMAIN . '$/', $_SERV $result = ldap_search($link, USER_BASE, "uid=" . $uid); $user = ldap_get_entries($link, $result); if($user['count'] == 0) { - // user not found - exit; + // Search for the mail address + $result = ldap_search($link, USER_BASE, "mail=" . $_SERVER['QUERY_STRING']); + $user = ldap_get_entries($link, $result); + if($user['count'] != 1) { + // user not found or multiple result found + exit; + } } $pref = FF_PREF; // Don't lock pref if the user is member of some special groups diff --git a/root/usr/share/mozilla-mcd/thunderbird.php b/root/usr/share/mozilla-mcd/thunderbird.php index 3b15086..1bb6276 100644 --- a/root/usr/share/mozilla-mcd/thunderbird.php +++ b/root/usr/share/mozilla-mcd/thunderbird.php @@ -16,8 +16,13 @@ if(isset($_SERVER['QUERY_STRING']) && preg_match('/^.+@' . DOMAIN . '$/', $_SERV $result = ldap_search($link, USER_BASE, "uid=" . $uid); $user = ldap_get_entries($link, $result); if($user['count'] == 0) { - // user not found - exit; + // Search for the mail address + $result = ldap_search($link, USER_BASE, "mail=" . $_SERVER['QUERY_STRING']); + $user = ldap_get_entries($link, $result); + if($user['count'] != 1) { + // user not found or multiple result found + exit; + } } $pref = TB_PREF; // Don't lock pref if the user is member of some special groups