I create a user with username containing uppercase and lowercase characters. I mistakenly create another user with same spelling but all lowercase username. When I try to save the latter, OpenEMR gives an error message in a dialog (sorry I didn’t record it). The Apache error log contains:
"… referer: …/interface/usergroup/usergroup_admin_add.php
"… Executing as user:openemr Statement failed:INSERT INTO users_secure (id,username,password,salt,last_update) VALUES (?,?,?,?,NOW()) :Duplicate entry ‘10’ for key ‘PRIMARY’==>…/library/authentication/password_change.php at 145:initializePassword, referer: … /interface/usergroup/usergroup_admin_add.php
I select Save again and get a second error message.
I select Cancel.
I now have 3 user accounts, the original with uppercase and the 2 lowercase ones.
I mark the uppercase account inactive.
I am unable to login using either account, OpenEMR says incorrect password.
The Apache error log contains this when trying to login with the lowercase username:
Incorrect password!, referer: …/interface/usergroup/user_admin.php?id=37&csrf_token_form=
I change the password for both accounts to the same password, and now when I try to login I get returned to the login screen without an error message from OpenEMR.
As I understand it, OpenEMR has no mechanism to delete a user account, which would be useful to circumvent such issues.
This is OpenEMR 184.108.40.206 on Debian.
Any help would be appreciated in understanding how to rescue / reset these user accounts – I want to retain the lowercase one. And let me know if you’d like me to record this a Github.