From bdad3b259aab7ac78b9def5bf4fafac880d0301f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Berk=20Demirk=C4=B1r?= <bdemirkir@users.noreply.github.com>
Date: Thu, 5 Jan 2017 02:52:20 +0200
Subject: [PATCH] Check primary email address fields on CreateUser (#556)

* Check primary email address fields on CreateUser

As this check wasn't available, uid=1 (and possibly guests too, if registration is open) is able to register new users with existing email addresses. This leads to numerous 500 errors.

* Update user.go

* Lower the email first. Then check
---
 models/user.go | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/models/user.go b/models/user.go
index e32a29ae3..1dbd63dce 100644
--- a/models/user.go
+++ b/models/user.go
@@ -600,6 +600,15 @@ func CreateUser(u *User) (err error) {
 	}
 
 	u.Email = strings.ToLower(u.Email)
+	has, err := x.
+		Where("email=?", u.Email).
+		Get(new(User))
+	if err != nil {
+		return err
+	} else if has {
+		return ErrEmailAlreadyUsed{u.Email}
+	}
+
 	isExist, err = IsEmailUsed(u.Email)
 	if err != nil {
 		return err