Detect exact email address matches regardless of the name that goes with it, and dont let them submit

james 2009-10-09 15:04:45 +00:00
parent 5aa7cf541a
commit 1f244c8375


@ -125,29 +125,54 @@ switch($_GET['action']) {
break; break;
case 'newcontactsearch': case 'newcontactsearch':
$searchstr="1 ";
if($_POST['firstname'])
$searchstr.=" AND firstname LIKE '%".$_POST['firstname']."%'";
if($_POST['lastname'])
$searchstr.=" AND lastname LIKE '%".$_POST['lastname']."%'";
if($_POST['email'])
$searchstr.=" AND email LIKE '%".$_POST['email']."%'";
$q=mysql_query("SELECT *,MAX(year) FROM users WHERE $searchstr GROUP BY uid HAVING deleted='no'"); if($_POST['email'])
$num=mysql_num_rows($q); $q=mysql_query("SELECT *,MAX(year) FROM users WHERE email='".trim($_POST['email'])."' GROUP BY uid HAVING deleted='no'");
if($num==0) {
echo i18n("No existing users match, will create a new user"); if($r=mysql_fetch_object($q)) {
} echo i18n("There is an exact email address match for %1",array($_POST['email']));
else if($num<15) { echo "<ul>";
echo i18n("Did you mean one of these existing users? (click to choose one)")."<br />";
echo "<ul>";
while($r=mysql_fetch_object($q)) {
echo "<li><a href=\"#\" onclick=\"useexistingcontact($r->uid)\">$r->firstname $r->lastname $r->email $r->phonehome</a></li>\n"; echo "<li><a href=\"#\" onclick=\"useexistingcontact($r->uid)\">$r->firstname $r->lastname $r->email $r->phonehome</a></li>\n";
} echo "</ul>";
echo "</ul>";
?>
<script type="text/javascript">
$("#contactnewsave").attr("disabled","disabled");
</script>
<?
} }
else { else {
echo i18n("There are %1 existing users that match, please enter more details",array($num)); ?>
<script type="text/javascript">
$("#contactnewsave").attr("disabled","");
</script>
<?
$searchstr="1 ";
if($_POST['firstname'])
$searchstr.=" AND firstname LIKE '%".$_POST['firstname']."%'";
if($_POST['lastname'])
$searchstr.=" AND lastname LIKE '%".$_POST['lastname']."%'";
if($_POST['email'])
$searchstr.=" AND email LIKE '%".$_POST['email']."%'";
$q=mysql_query("SELECT *,MAX(year) FROM users WHERE $searchstr GROUP BY uid HAVING deleted='no'");
$num=mysql_num_rows($q);
if($num==0) {
echo i18n("No existing users match, will create a new user");
}
else if($num<15) {
echo i18n("Did you mean one of these existing users? (click to choose one)")."<br />";
echo "<ul>";
while($r=mysql_fetch_object($q)) {
echo "<li><a href=\"#\" onclick=\"useexistingcontact($r->uid)\">$r->firstname $r->lastname $r->email $r->phonehome</a></li>\n";
}
echo "</ul>";
}
else {
echo i18n("There are %1 existing users that match, please enter more details",array($num));
}
} }
echo "<br />"; echo "<br />";
exit; exit;
@ -337,6 +362,7 @@ function draw_contact_form($sponsor_id, $contact = null){
if($id == "new"){ if($id == "new"){
echo "<input type=\"hidden\" name=\"recordtype\" value=\"new\">\n"; echo "<input type=\"hidden\" name=\"recordtype\" value=\"new\">\n";
$newcontactsearch="onkeypress=\"return newcontactsearch()\""; $newcontactsearch="onkeypress=\"return newcontactsearch()\"";
$newcontactsave="id=\"contactnewsave\"";
}else{ }else{
echo "<input type=\"hidden\" name=\"recordtype\" value=\"existing\">\n"; echo "<input type=\"hidden\" name=\"recordtype\" value=\"existing\">\n";
echo "<input type=\"hidden\" name=\"userid\" value=\"" . $id . "\">\n"; echo "<input type=\"hidden\" name=\"userid\" value=\"" . $id . "\">\n";
@ -392,7 +418,7 @@ function draw_contact_form($sponsor_id, $contact = null){
<label><?=i18n("No")?><input type="radio" name="primary" value="no" <?php if($contact['primary'] != 'yes') echo "CHECKED";?>></label> <label><?=i18n("No")?><input type="radio" name="primary" value="no" <?php if($contact['primary'] != 'yes') echo "CHECKED";?>></label>
</td> </td>
<?php <?php
echo "<td align=\"center\"><input type=\"submit\" value=\"" . i18n("Save") . "\" onClick=\"return contactsinfo_save('" . $id . "')\" /></td>"; echo "<td align=\"center\"><input $newcontactsave type=\"submit\" value=\"" . i18n("Save") . "\" onClick=\"return contactsinfo_save('" . $id . "')\" /></td>";
echo "<td>"; echo "<td>";
if($id != "new") if($id != "new")
echo "<input type=\"submit\" value=\"" . i18n("Remove") . "\" onClick=\"return contactsinfo_delete('" . $id . "')\" />"; echo "<input type=\"submit\" value=\"" . i18n("Remove") . "\" onClick=\"return contactsinfo_delete('" . $id . "')\" />";
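Review bot: The new exact-match query in the `newcontactsearch` case concatenates `trim($_POST['email'])` straight into the SQL string, so the request body controls the statement; escape it at minimum, e.g. `email='".mysql_real_escape_string(trim($_POST['email']))."'`, and do the same for the three `LIKE` clauses that were moved into the `else` branch. The same posted value is passed to `i18n("There is an exact email address match for %1", ...)` and echoed, and the matched row's `firstname`, `lastname`, `email` and `phonehome` are printed into the list item as-is; unless `i18n()` encodes its arguments (not visible here), these should go through `htmlspecialchars()` before output. When no email is posted, `$q` is never assigned before `mysql_fetch_object($q)` runs, so that call should sit under the same `if($_POST['email'])` guard. Disabling `#contactnewsave` only stops the button in the browser; to actually prevent a duplicate submission the exact-email check would have to be repeated in the save handler, which is outside this diff.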