diff --git a/Interfaces/ActiveDirectoryInterface/SyncUsers.MSSQL.vb b/Interfaces/ActiveDirectoryInterface/SyncUsers.MSSQL.vb index 2ce5183e..c619cb55 100644 --- a/Interfaces/ActiveDirectoryInterface/SyncUsers.MSSQL.vb +++ b/Interfaces/ActiveDirectoryInterface/SyncUsers.MSSQL.vb @@ -42,7 +42,7 @@ Namespace SyncUsers End Try For Each oUser In Users - Dim oUserId As Int64 + Dim oUserId As Long Dim oUserExists As Boolean ' Check if user already exists @@ -68,7 +68,7 @@ Namespace SyncUsers _logger.Debug("Creating new user for [{0}]", oUser) oUserId = CreateUser(oUser) _logger.Debug("User created with Id [{0}]", oUserId) - _logger.Info("Added new User [{0}]", oUser.samAccountName) + _logger.Info("Added new User [{0}]", oUser) oCreatedUsers.Add(oUser) Else @@ -76,7 +76,7 @@ Namespace SyncUsers oUserId = UpdateUser(oUser) If oUserId <> 0 Then _logger.Debug("User created with Id [{0}]", oUserId) - _logger.Info("Updated User [{0}]", oUser.samAccountName) + _logger.Info("Updated User [{0}]", oUser) oUpdatedUsers.Add(oUser) End If @@ -84,7 +84,7 @@ Namespace SyncUsers Catch ex As Exception _logger.Error(ex) - _logger.Warn("Could Not create/update user [{0}]. Skipping.", oUser.samAccountName) + _logger.Warn("Could Not create/update user [{0}]. Skipping.", oUser) Continue For End Try @@ -99,7 +99,7 @@ Namespace SyncUsers ' Add the user to group Try If AddUserToGroup(oUserId, oGroupId) Then - _logger.Info("User [{0}] added to group [{1}]", oUser.samAccountName, GroupName) + _logger.Info("User [{0}] added to group [{1}]", oUser, GroupName) End If Catch ex As Exception _logger.Error(ex) @@ -175,7 +175,8 @@ Namespace SyncUsers Dim oSQL As String = $"SELECT GUID FROM TBDD_USER WHERE UPPER(USERNAME) = UPPER('{UserName}')" Dim oUserId = _mssql.GetScalarValue(oSQL) - If IsDBNull(oUserId) OrElse oUserId = 0 Then + If IsDBNull(oUserId) OrElse IsNothing(oUserId) OrElse oUserId = 0 Then + _logger.Debug("User [{0}] does not exist", UserName) Return 0 End If @@ -194,9 +195,15 @@ Namespace SyncUsers End If Dim oUserId As Integer = GetUserId(User.samAccountName) + _logger.Debug("UserId of User [{0}] is [{1}]", User, oUserId) If oUserId = 0 Then - Dim oSQL As String = $"INSERT INTO TBDD_USER (PRENAME, NAME, USERNAME, EMAIL, ADDED_WHO) VALUES ('{User?.GivenName}', '{User?.Surname?.Replace("'", "''")}', UPPER('{User?.samAccountName?.Replace("'", "''")}'), '{User?.Email?.Replace("'", "''")}', '{ADDED_WHO}')" + Dim oPrename = User.GivenName.EscapeForSQL() + Dim oSurname = User.Surname.EscapeForSQL() + Dim oUsername = User.samAccountName.EscapeForSQL() + Dim oEmail = User.Email.EscapeForSQL() + + Dim oSQL As String = $"INSERT INTO TBDD_USER (PRENAME, NAME, USERNAME, EMAIL, ADDED_WHO) VALUES ('{oPrename}', '{oSurname}', UPPER('{oUsername}'), '{oEmail}', '{ADDED_WHO}')" Dim oResult = _mssql.ExecuteNonQuery(oSQL) If oResult = True Then @@ -230,11 +237,11 @@ Namespace SyncUsers Dim oUserId As Integer = GetUserId(User.samAccountName) If Not IsNothing(oUserId) Then If oUserId > 0 Then - Dim oGivenName As String = EscapeQuotes(User.GivenName) - Dim oSurname As String = EscapeQuotes(User.Surname) - Dim oEmail As String = EscapeQuotes(User.Email) + Dim oPrename = User.GivenName.EscapeForSQL() + Dim oSurname = User.Surname.EscapeForSQL() + Dim oEmail = User.Email.EscapeForSQL() - Dim oSQL As String = $"UPDATE TBDD_USER SET PRENAME = '{oGivenName}', NAME = '{oSurname}', EMAIL = '{oEmail}', CHANGED_WHO = '{ADDED_WHO}' WHERE GUID = {oUserId}" + Dim oSQL As String = $"UPDATE TBDD_USER SET PRENAME = '{oPrename}', NAME = '{oSurname}', EMAIL = '{oEmail}', CHANGED_WHO = '{ADDED_WHO}' WHERE GUID = {oUserId}" Dim oResult = _mssql.ExecuteNonQuery(oSQL) If oResult = True Then @@ -256,11 +263,6 @@ Namespace SyncUsers End Try End Function - Private Function EscapeQuotes(pString As String) - Dim oString = Utils.NotNull(pString, String.Empty) - Return oString.Replace("'", "''") - End Function - Public Sub AddCustomAttributesToUser(User As ADUser, UserId As Integer) Implements ISyncUsers.AddCustomAttributesToUser Dim oCustomAttributes = User.CustomAttributes