diff --git a/models/repo.go b/models/repo.go
index 522debb9fe..c5c5364da0 100644
--- a/models/repo.go
+++ b/models/repo.go
@@ -7,6 +7,7 @@ package models
 import (
 	"context"
 	"strconv"
+	"strings"
 
 	_ "image/jpeg" // Needed for jpeg support
 
@@ -86,11 +87,20 @@ func labelStatsCorrectNumClosedIssuesRepo(ctx context.Context, id int64) error {
 	return err
 }
 
-var milestoneStatsQueryNumIssues = "SELECT `milestone`.id FROM `milestone` WHERE `milestone`.num_closed_issues!=(SELECT COUNT(*) FROM `issue` WHERE `issue`.milestone_id=`milestone`.id AND `issue`.is_closed=?) OR `milestone`.num_issues!=(SELECT COUNT(*) FROM `issue` WHERE `issue`.milestone_id=`milestone`.id)"
+func milestoneStatsQueryNumIssuesSQL() string {
+	sql := `
+SELECT "milestone".id FROM "milestone"
+WHERE (
+	"milestone".num_closed_issues != (SELECT COUNT(*) FROM "issue" WHERE "issue".milestone_id="milestone".id AND "issue".is_closed=?)
+	OR "milestone".num_issues != (SELECT COUNT(*) FROM "issue" WHERE "issue".milestone_id="milestone".id)
+)
+`
+	return strings.TrimSpace(strings.ReplaceAll(sql, "\"", "`"))
+}
 
 func milestoneStatsCorrectNumIssuesRepo(ctx context.Context, id int64) error {
 	e := db.GetEngine(ctx)
-	results, err := e.Query(milestoneStatsQueryNumIssues+" AND `milestone`.repo_id = ?", true, id)
+	results, err := e.Query(milestoneStatsQueryNumIssuesSQL()+" AND `milestone`.repo_id = ?", true, id)
 	if err != nil {
 		return err
 	}
@@ -192,7 +202,7 @@ func CheckRepoStats(ctx context.Context) error {
 		},
 		// Milestone.Num{,Closed}Issues
 		{
-			statsQuery(milestoneStatsQueryNumIssues, true),
+			statsQuery(milestoneStatsQueryNumIssuesSQL(), true),
 			issues_model.UpdateMilestoneCounters,
 			"milestone count 'num_closed_issues' and 'num_issues'",
 		},
diff --git a/models/user/user.go b/models/user/user.go
index a74662bb12..41cf89ad30 100644
--- a/models/user/user.go
+++ b/models/user/user.go
@@ -1323,9 +1323,12 @@ func GetUserByEmail(ctx context.Context, email string) (*User, error) {
 	return nil, ErrUserNotExist{Name: email}
 }
 
-// GetUser checks if a user already exists
-func GetUser(ctx context.Context, user *User) (bool, error) {
-	return db.GetEngine(ctx).Get(user)
+func GetIndividualUser(ctx context.Context, user *User) (bool, error) {
+	has, err := db.GetEngine(ctx).Get(user)
+	if has && user.Type != UserTypeIndividual {
+		has = false
+	}
+	return has, err
 }
 
 // GetUserByOpenID returns the user object by given OpenID if exists.
diff --git a/routers/web/auth/auth.go b/routers/web/auth/auth.go
index b0f5a9ed79..e5e30667f0 100644
--- a/routers/web/auth/auth.go
+++ b/routers/web/auth/auth.go
@@ -633,16 +633,15 @@ func createUserInContext(ctx *context.Context, tpl templates.TplName, form any,
 			case setting.OAuth2AccountLinkingAuto:
 				var user *user_model.User
 				user = &user_model.User{Name: u.Name}
-				hasUser, err := user_model.GetUser(ctx, user)
+				hasUser, err := user_model.GetIndividualUser(ctx, user)
 				if !hasUser || err != nil {
 					user = &user_model.User{Email: u.Email}
-					hasUser, err = user_model.GetUser(ctx, user)
+					hasUser, err = user_model.GetIndividualUser(ctx, user)
 					if !hasUser || err != nil {
 						ctx.ServerError("UserLinkAccount", err)
 						return false
 					}
 				}
-
 				// TODO: probably we should respect 'remember' user's choice...
 				oauth2LinkAccount(ctx, user, possibleLinkAccountData, true)
 				return false // user is already created here, all redirects are handled
diff --git a/routers/web/auth/oauth.go b/routers/web/auth/oauth.go
index 3b1744669d..c103d20064 100644
--- a/routers/web/auth/oauth.go
+++ b/routers/web/auth/oauth.go
@@ -482,7 +482,7 @@ func oAuth2UserLoginCallback(ctx *context.Context, authSource *auth.Source, requ
 		LoginSource: authSource.ID,
 	}
 
-	hasUser, err := user_model.GetUser(ctx, user)
+	hasUser, err := user_model.GetIndividualUser(ctx, user)
 	if err != nil {
 		return nil, goth.User{}, err
 	}
diff --git a/services/auth/signin.go b/services/auth/signin.go
index e116a088e0..a8fa0f17dd 100644
--- a/services/auth/signin.go
+++ b/services/auth/signin.go
@@ -51,7 +51,7 @@ func UserSignIn(ctx context.Context, username, password string) (*user_model.Use
 	}
 
 	if user != nil {
-		hasUser, err := user_model.GetUser(ctx, user)
+		hasUser, err := user_model.GetIndividualUser(ctx, user)
 		if err != nil {
 			return nil, nil, err
 		}
diff --git a/services/auth/source/oauth2/source_sync.go b/services/auth/source/oauth2/source_sync.go
index c2e3dfb1a8..445e281a06 100644
--- a/services/auth/source/oauth2/source_sync.go
+++ b/services/auth/source/oauth2/source_sync.go
@@ -67,7 +67,7 @@ func (source *Source) refresh(ctx context.Context, provider goth.Provider, u *us
 		LoginSource: u.LoginSourceID,
 	}
 
-	hasUser, err := user_model.GetUser(ctx, user)
+	hasUser, err := user_model.GetIndividualUser(ctx, user)
 	if err != nil {
 		return err
 	}
diff --git a/templates/admin/auth/new.tmpl b/templates/admin/auth/new.tmpl
index 29eea06f55..256f648c6a 100644
--- a/templates/admin/auth/new.tmpl
+++ b/templates/admin/auth/new.tmpl
@@ -84,37 +84,66 @@
 			<h5>GMail Settings:</h5>
 			<p>Host: smtp.gmail.com, Port: 587, Enable TLS Encryption: true</p>
 
-			<h5 class="oauth2">{{ctx.Locale.Tr "admin.auths.tips.oauth2.general"}}:</h5>
-			<p class="oauth2">{{ctx.Locale.Tr "admin.auths.tips.oauth2.general.tip"}} <b id="oauth2-callback-url"></b></p>
-
-			<h5 class="ui top attached header">{{ctx.Locale.Tr "admin.auths.tip.oauth2_provider"}}</h5>
-			<div class="ui attached segment">
-				<li>Bitbucket</li>
-				<span>{{ctx.Locale.Tr "admin.auths.tip.bitbucket" "https://bitbucket.org/account/user/{your-username}/oauth-consumers/new"}}</span>
-				<li>Dropbox</li>
-				<span>{{ctx.Locale.Tr "admin.auths.tip.dropbox" "https://www.dropbox.com/developers/apps"}}</span>
-				<li>Facebook</li>
-				<span>{{ctx.Locale.Tr "admin.auths.tip.facebook" "https://developers.facebook.com/apps"}}</span>
-				<li>GitHub</li>
-				<span>{{ctx.Locale.Tr "admin.auths.tip.github" "https://github.com/settings/applications/new"}}</span>
-				<li>GitLab</li>
-				<span>{{ctx.Locale.Tr "admin.auths.tip.gitlab_new" "https://gitlab.com/-/profile/applications"}}</span>
-				<li>Google</li>
-				<span>{{ctx.Locale.Tr "admin.auths.tip.google_plus" "https://console.developers.google.com/"}}</span>
-				<li>OpenID Connect</li>
-				<span>{{ctx.Locale.Tr "admin.auths.tip.openid_connect"}}</span>
-				<li>Twitter</li>
-				<span>{{ctx.Locale.Tr "admin.auths.tip.twitter" "https://dev.twitter.com/apps"}}</span>
-				<li>Discord</li>
-				<span>{{ctx.Locale.Tr "admin.auths.tip.discord" "https://discordapp.com/developers/applications/me"}}</span>
-				<li>Gitea</li>
-				<span>{{ctx.Locale.Tr "admin.auths.tip.gitea" "https://docs.gitea.com/development/oauth2-provider"}}</span>
-				<li>Nextcloud</li>
-				<span>{{ctx.Locale.Tr "admin.auths.tip.nextcloud"}}</span>
-				<li>Yandex</li>
-				<span>{{ctx.Locale.Tr "admin.auths.tip.yandex" "https://oauth.yandex.com/client/new"}}</span>
-				<li>Mastodon</li>
-				<span>{{ctx.Locale.Tr "admin.auths.tip.mastodon"}}</span>
+			<div class="oauth2">
+				<h5>{{ctx.Locale.Tr "admin.auths.tips.oauth2.general"}}</h5>
+				<p>{{ctx.Locale.Tr "admin.auths.tips.oauth2.general.tip"}} <b id="oauth2-callback-url"></b></p>
+			</div>
+			<div class="oauth2 tw-mt-4">
+				<h5>{{ctx.Locale.Tr "admin.auths.tip.oauth2_provider"}}</h5>
+				<ul>
+					<li>
+						Bitbucket
+						<div>{{ctx.Locale.Tr "admin.auths.tip.bitbucket" "https://bitbucket.org/account/user/{your-username}/oauth-consumers/new"}}</div>
+					</li>
+					<li>
+						Dropbox
+						<div>{{ctx.Locale.Tr "admin.auths.tip.dropbox" "https://www.dropbox.com/developers/apps"}}</div>
+					</li>
+					<li>
+						Facebook
+						<div>{{ctx.Locale.Tr "admin.auths.tip.facebook" "https://developers.facebook.com/apps"}}</div>
+					</li>
+					<li>
+						GitHub
+						<div>{{ctx.Locale.Tr "admin.auths.tip.github" "https://github.com/settings/applications/new"}}</div>
+					</li>
+					<li>
+						GitLab
+						<div>{{ctx.Locale.Tr "admin.auths.tip.gitlab_new" "https://gitlab.com/-/profile/applications"}}</div>
+					</li>
+					<li>
+						Google
+						<div>{{ctx.Locale.Tr "admin.auths.tip.google_plus" "https://console.developers.google.com/"}}</div>
+					</li>
+					<li>
+						OpenID Connect
+						<div>{{ctx.Locale.Tr "admin.auths.tip.openid_connect"}}</div>
+					</li>
+					<li>
+						Twitter
+						<div>{{ctx.Locale.Tr "admin.auths.tip.twitter" "https://dev.twitter.com/apps"}}</div>
+					</li>
+					<li>
+						Discord
+						<div>{{ctx.Locale.Tr "admin.auths.tip.discord" "https://discordapp.com/developers/applications/me"}}</div>
+					</li>
+					<li>
+						Gitea
+						<div>{{ctx.Locale.Tr "admin.auths.tip.gitea" "https://docs.gitea.com/development/oauth2-provider"}}</div>
+					</li>
+					<li>
+						Nextcloud
+						<div>{{ctx.Locale.Tr "admin.auths.tip.nextcloud"}}</div>
+					</li>
+					<li>
+						Yandex
+						<div>{{ctx.Locale.Tr "admin.auths.tip.yandex" "https://oauth.yandex.com/client/new"}}</div>
+					</li>
+					<li>
+						Mastodon
+						<div>{{ctx.Locale.Tr "admin.auths.tip.mastodon"}}</div>
+					</li>
+				</ul>
 			</div>
 		</div>
 	</div>