Fix the login so it authenticates on the right record -- there is probably other stuff wrong if this is happening, but this is the easiest fix for now. There should never be two records in the users table with the same username/emailaddress, it should use the multi-role stuff... but this change will also work with multi-role anyways once the cause of this is fixed (registering as a volunteer when you're already a committee member creates a new record in the users table, instead of attaching you to the old one).

user_login.php

@@ -26,7 +26,7 @@
  require_once("common.inc.php");
  require_once("user.inc.php");
 
- function try_login($user, $pass)
+ function try_login($user, $pass, $type=null)
  {
 	/* Ensure sanity of inputs, user should be an email address, but it's stored
 	 * in the username field */
@@ -40,10 +40,12 @@
 	//$x = user_valid_password($pass);
 	if(!strlen($pass))
 		return false;
+	if($type) $typequery=" AND types LIKE '%$type%'"; else $typequery="";
 
 	$q = mysql_query("SELECT id,username,password 
 				FROM users 
 				WHERE username='$user'
+				$typequery
 				AND deleted='no'");
 	echo mysql_error();
 	if(mysql_num_rows($q) != 1) return false;
@@ -101,7 +103,7 @@
  {
  	if($_POST['pass'] && $_POST['user'])
 	{
-		$id = try_login($_POST['user'], $_POST['pass']);
+		$id = try_login($_POST['user'], $_POST['pass'],$type);
 		if($id == false) {
 			header("location: user_login.php?type=$type&notice=login_failed");
 			exit;