X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2FLoginPage.java;h=d2d39ba4fa1d6b9e2b26ff4ee2ffd89b8adb930a;hb=fa1ae652fbff9c7caeded3fc89680703d1da381b;hp=ee6a6e981daaf329ae7caaca45a86bfb36babfff;hpb=e87392fd58e9152531a8d1cb34cb46e370062108;p=gigi.git
diff --git a/src/org/cacert/gigi/pages/LoginPage.java b/src/org/cacert/gigi/pages/LoginPage.java
index ee6a6e98..d2d39ba4 100644
--- a/src/org/cacert/gigi/pages/LoginPage.java
+++ b/src/org/cacert/gigi/pages/LoginPage.java
@@ -12,6 +12,7 @@ import javax.servlet.http.HttpSession;
 import org.cacert.gigi.database.DatabaseConnection;
 import org.cacert.gigi.database.GigiPreparedStatement;
 import org.cacert.gigi.database.GigiResultSet;
+import org.cacert.gigi.dbObjects.Group;
 import org.cacert.gigi.dbObjects.User;
 import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.util.PasswordHash;
@@ -65,7 +66,7 @@ public class LoginPage extends Page {
 private void tryAuthWithUnpw(HttpServletRequest req) {
 String un = req.getParameter("username");
 String pw = req.getParameter("password");
- GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `password`, `id` FROM `users` WHERE `email`=? AND locked='0' AND verified='1'");
+ GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `password`, `id` FROM `users` WHERE `email`=? AND verified='1'");
 ps.setString(1, un);
 GigiResultSet rs = ps.executeQuery();
 if (rs.next()) {
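Review bot: Dropping `locked='0'` from the query in tryAuthWithUnpw moves the lock decision entirely to the `blockedlogin` group check added in loginSession, so an account still marked only by `locked='1'` would pass this query and log in unless a migration outside this diff puts it in that group. That fails open, so it is worth confirming the data migration ships together with this change and adding a comment above the query such as `// login blocking is enforced in loginSession() via the blockedlogin group, not in this query`. The `revoked` is NULL change in tryAuthWithCertificate has the same dependency on migrated data, although a leftover zero date there fails closed. Both method bodies continue outside their hunks.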
@@ -82,7 +83,7 @@ public class LoginPage extends Page { private void tryAuthWithCertificate(HttpServletRequest req, X509Certificate x509Certificate) { String serial = x509Certificate.getSerialNumber().toString(16).toUpperCase(); - GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `memid` FROM `certs` WHERE `serial`=? AND `disablelogin`='0' AND `revoked` = " + "'0000-00-00 00:00:00'"); + GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `memid` FROM `certs` WHERE `serial`=? AND `disablelogin`='0' AND `revoked` is NULL"); ps.setString(1, serial); GigiResultSet rs = ps.executeQuery(); if (rs.next()) { @@ -91,7 +92,12 @@ public class LoginPage extends Page { rs.close(); } + private static final Group LOGIN_BLOCKED = Group.getByString("blockedlogin"); + private void loginSession(HttpServletRequest req, User user) { + if (user.isInGroup(LOGIN_BLOCKED)) { + return; + } req.getSession().invalidate(); HttpSession hs = req.getSession(); hs.setAttribute(LOGGEDIN, true);
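Review bot: The new guard in loginSession returns silently, so a denied login for a blocked account leaves no audit record and the callers cannot tell it apart from a completed login. Recording the denial through the project's existing logging, plus a comment such as `// blocked accounts must never get an authenticated session`, would make the control visible to operators and maintainers. The early return also sits before `req.getSession().invalidate()`, so a session already attached to the request is kept unchanged. If a login attempt is meant to reset session state, the check could be placed after that call. The body of loginSession runs past the end of the hunk, so what follows `hs.setAttribute(LOGGEDIN, true);` was not reviewed.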