Don't allow signup page to work unless necessary

diff --git a/login/signup.php b/login/signup.php
index ef655dda37bfd451a12717970bf230e507c6405f..c5a740be29997c38052c211222ed2a973e68944c 100644 (file)
--- a/login/signup.php
+++ b/login/signup.php
@@ -3,6 +3,10 @@
     require_once("../config.php");
     require_once("../auth/$CFG->auth/lib.php");
 
+    if ($CFG->auth != 'email' and (empty($CFG->auth_user_create) or !(function_exists('auth_user_create'))) ) {
+        error("Sorry, you may not use this page.");
+    }
+
     if ($user = data_submitted()) {
 
         $user->firstname = strip_tags($user->firstname);
@@ -19,7 +23,7 @@
             $user->lang = current_language();
             $user->firstaccess = time();
             $user->secret = random_string(15);
-            if (isset($CFG->auth_user_create) and $CFG->auth_user_create==1 and function_exists('auth_user_create') ){
+            if (!empty($CFG->auth_user_create) and function_exists('auth_user_create') ){
                 if (! auth_user_exists($user->username)) {
                     if (! auth_user_create($user,$plainpass)) {
                         error("Could not add user to authentication module!");