arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

Implement Bug #0000004 - Do not allow multiple committee members with the same email address

Browse Source
This commit is contained in:
james 2006-10-15 19:36:33 +00:00
parent 335330dd35
commit 9eef488a5d
1 changed files with 29 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
admin/committees.php
View File

@ -178,16 +178,36 @@ if($_POST['save'])
$access="access_admin='$a_admin', access_config='$a_config', access_super='$a_super', "; $access="access_admin='$a_admin', access_config='$a_config', access_super='$a_super', ";
} }
//check for unique email address
$q=mysql_query("SELECT id FROM committees_members WHERE (email='".$_POST['email']."' OR emailprivate='".$_POST['email']."') AND id!='".$_POST['save']."'");
if(mysql_num_rows($q))
{
$emailupdate="";
echo notice(i18n("Cannot update email address. That address already exists for a different committee member"));
}
else
$emailupdate="email='".mysql_escape_string(stripslashes($_POST['email']))."', ";
$q=mysql_query("SELECT id FROM committees_members WHERE (email='".$_POST['emailprivate']."' OR emailprivate='".$_POST['emailprivate']."') AND id!='".$_POST['save']."'");
if(mysql_num_rows($q))
{
$emailprivateupdate="";
echo notice(i18n("Cannot update private email address. That address already exists for a different committee member"));
}
else
$emailprivateupdate="emailprivate='".mysql_escape_string(stripslashes($_POST['emailprivate']))."', ";
mysql_query("UPDATE committees_members SET ". mysql_query("UPDATE committees_members SET ".
"name='".$_POST['name']."', ". "name='".mysql_escape_string(stripslashes($_POST['name']))."', ".
"password='".$_POST['password']."', ". "password='".mysql_escape_string(stripslashes($_POST['password']))."', ".
"organization='".$_POST['organization']."', ". "organization='".mysql_escape_string(stripslashes($_POST['organization']))."', ".
"email='".$_POST['email']."', ". $emailupdate.
"emailprivate='".$_POST['emailprivate']."', ". $emailprivateupdate.
"phonehome='".$_POST['phonehome']."', ". "phonehome='".mysql_escape_string(stripslashes($_POST['phonehome']))."', ".
"phonework='".$_POST['phonework']."', ". "phonework='".mysql_escape_string(stripslashes($_POST['phonework']))."', ".
"phonecell='".$_POST['phonecell']."', ". "phonecell='".mysql_escape_string(stripslashes($_POST['phonecell']))."', ".
"fax='".$_POST['fax']."', ". "fax='".mysql_escape_string(stripslashes($_POST['fax']))."', ".
$access. $access.
" displayemail='".$_POST['displayemail']."' ". " displayemail='".$_POST['displayemail']."' ".
" WHERE id='".$_POST['save']."'"); " WHERE id='".$_POST['save']."'");