From 2154ed5cc18bb088722f7c497cadc193f7f481de Mon Sep 17 00:00:00 2001 From: Chris Cormack Date: Mon, 1 Oct 2007 20:39:59 -0500 Subject: [PATCH] Fix for 1431, checking userid is unique Signed-off-by: Chris Cormack --- C4/Members.pm | 23 +++++++++++++++++++++-- members/memberentry.pl | 29 +++++++++++++++++++---------- 2 files changed, 40 insertions(+), 12 deletions(-) diff --git a/C4/Members.pm b/C4/Members.pm index 4f3d692547..8ecb68baa9 100644 --- a/C4/Members.pm +++ b/C4/Members.pm @@ -113,6 +113,7 @@ push @EXPORT, qw( push @EXPORT, qw( &checkuniquemember &checkuserpassword + &Check_Userid &fixEthnicity ðnicitycategories &fixup_cardnumber @@ -750,6 +751,24 @@ sub AddMember { return $data{'borrowernumber'}; } +sub Check_Userid { + my ($uid,$member) = @_; + my $dbh = C4::Context->dbh; + # Make sure the userid chosen is unique and not theirs if non-empty. If it is not, + # Then we need to tell the user and have them create a new one. + my $sth = + $dbh->prepare( + "SELECT * FROM borrowers WHERE userid=? AND borrowernumber != ?"); + $sth->execute( $uid, $member ); + if ( ( $uid ne '' ) && ( my $row = $sth->fetchrow_hashref ) ) { + return 0; + } + else { + return 1; + } +} + + sub changepassword { my ( $uid, $member, $digest ) = @_; my $dbh = C4::Context->dbh; @@ -758,9 +777,9 @@ sub changepassword { #Then we need to tell the user and have them create a new one. my $sth = $dbh->prepare( - "select * from borrowers where userid=? and borrowernumber != ?"); + "SELECT * FROM borrowers WHERE userid=? AND borrowernumber != ?"); $sth->execute( $uid, $member ); - if ( ( $uid ne '' ) && ( $sth->fetchrow ) ) { + if ( ( $uid ne '' ) && ( my $row = $sth->fetchrow_hashref ) ) { return 0; } else { diff --git a/members/memberentry.pl b/members/memberentry.pl index 719cb823dd..3257dfc2fc 100755 --- a/members/memberentry.pl +++ b/members/memberentry.pl @@ -166,12 +166,12 @@ if ($op eq 'insert' || $op eq 'modify' || $op eq 'save') { # } # STEP 3 if ($op eq 'insert'){ - # this value show if the login and password are been used - my $loginexist=checkuserpassword($borrowernumber,$data{'userid'},$data{'password'}); - # test to know if u must save or create the borrowers - if ($loginexist) { - push @errors, "ERROR_login_exist"; - $nok=1; + my $loginexist; + # Check if the userid is unique + if ( !Check_Userid($data{'userid'},$borrowernumber)) { + push @errors, "ERROR_login_exist"; + $loginexist = 1; + $nok=1; } else { $borrowernumber = &AddMember(%newdata); if ($data{'organisations'}){ @@ -210,13 +210,22 @@ if ($op eq 'insert' || $op eq 'modify' || $op eq 'save') { # } if ($op eq 'save'){ - # test to know if another user have the same password and same login - &ModMember(%newdata); - print $input->redirect("/cgi-bin/koha/members/moremember.pl?borrowernumber=$borrowernumber"); + # test to know if another user have the same password and same login + my $loginexist; + # Check if the userid is unique + if ( !Check_Userid($data{'userid'},$borrowernumber)) { + push @errors, "ERROR_login_exist"; + $loginexist = 1; + $nok=1; + } + if (!$loginexist){ + &ModMember(%newdata); + print $input->redirect("/cgi-bin/koha/members/moremember.pl?borrowernumber=$borrowernumber"); + } } if ($delete){ - print $input->redirect("/cgi-bin/koha/deletemem.pl?member=$borrowernumber"); + print $input->redirect("/cgi-bin/koha/deletemem.pl?member=$borrowernumber"); } if ($nok){ $op="add" if ($op eq "insert"); -- 2.39.5