From a6544f40c429371f0db58d0dfc1c15b894ab0f62 Mon Sep 17 00:00:00 2001
From: jacob <jacob>
Date: Thu, 2 Dec 2010 16:33:04 +0000
Subject: [PATCH] Added an error check in saving the user, avoiding duplicate
 keys on an insert if bad data is passed in.  Touched up the error output to
 make finding errors a pinch easier.

---
 user.inc.php | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/user.inc.php b/user.inc.php
index 3f76717..6264f36 100644
--- a/user.inc.php
+++ b/user.inc.php
@@ -636,7 +636,7 @@ function user_save(&$u)
 		mysql_query("UPDATE user_roles SET active='{$u['roles'][$r]['active']}' WHERE roles_id='{$u['roles'][$r]['roles_id']}' AND users_id='{$u['id']}'");
 		if(mysql_error() != '') break;
 	}
-	if(mysql_error() != '') return mysql_error();
+	if(mysql_error() != '') return "SQLERR1: " . mysql_error();
 
 	$fields = array('salutation','firstname','lastname',
 			'phonehome','phonework','phonecell','fax','organization',
@@ -681,7 +681,7 @@ function user_save(&$u)
 		$query = "UPDATE users SET $set WHERE id='{$u['id']}'";
 		mysql_query($query);
 	}
-	if(mysql_error() != '') return mysql_error();
+	if(mysql_error() != '') return "SQLERR2: " . mysql_error();
 
 	// Save the other user data that is not stored in the users table
 
@@ -697,7 +697,7 @@ function user_save(&$u)
 			mysql_query($query);
 		}
 	}
-	if(mysql_error() != '') return mysql_error();
+	if(mysql_error() != '') return "SQLERR3: " . mysql_error();
 
 	if( // if this user has an altered available judging times selection, we need to save it
 		array_key_exists('available_times', $u) &&
@@ -721,7 +721,7 @@ function user_save(&$u)
 			mysql_query($query);
 		}
 	}
-	if(mysql_error() != '') return mysql_error();
+	if(mysql_error() != '') return "SQLERR3: " . mysql_error();
 
 	if( // if this user has an altered event availability selection, we need to save it
 		array_key_exists('available_events', $u) &&
@@ -729,13 +729,14 @@ function user_save(&$u)
 	){
 		mysql_query("DELETE FROM schedule_users_availability_link WHERE users_id = {$u['id']}");
 		if(count($u['available_events']) > 0){
-			$query = "INSERT INTO schedule_users_availability_link (users_id, schedule_id) VALUES (" . $u['id'] . ", ";
-			$query .= implode('), (' . $u['id'] . ', ', $u['available_events']);
-			$query .= ")";
-			mysql_query($query);
+			$eventList = array_unique($u['available_events']);
+			foreach($eventList as $eventId){
+				$query = "INSERT INTO schedule_users_availability_link (users_id, schedule_id) VALUES (" . $u['id'] . ", " . $eventId . ")";
+				mysql_query($query);
+			}
 		}
 	}
-	if(mysql_error() != '') return mysql_error();
+	if(mysql_error() != '') return "SQLERR4: " . mysql_error();
 
 	if( // if this user has an altered selection of volunteer positions, we'll need to change that too
 		array_key_exists('volunteer_positions', $u) &&
@@ -749,7 +750,7 @@ function user_save(&$u)
 			mysql_query($query);
 		}
 	}
-	if(mysql_error() != '') return mysql_error();
+	if(mysql_error() != '') return "SQLERR5: " . mysql_error();
 
 	/* Record all the data in orig that we saved so subsequent
 	 * calls to user_save don't try to overwrite data already