bug 967: Implement check for Assurer before adding as OrgAdminbug-967

Signed-off-by: Michael Tänzer <neo@nhng.de>
author: Michael Tänzer <neo@nhng.de> 2012-04-19 00:28:31 +0200
committer: Michael Tänzer <neo@nhng.de> 2012-04-19 00:28:31 +0200
commit: 1e98bc7a794467ef437f17b826cecd5ccb9fe6d2 (patch)
tree: 552974fedcdc2bd0e36abc774d73a7e9a3e4d227
parent: 2f25d338d1f7ffe9b0b1e843fa5650f284b0c52a (diff)
download: cacert-devel-bug-967.tar.gz
cacert-devel-bug-967.tar.xz
cacert-devel-bug-967.zip
1 files changed, 15 insertions, 2 deletions
diff --git a/includes/account.php b/includes/account.php
index 554713e..72165df 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -2289,8 +2289,21 @@
 			$_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
 		} else {
 			$row = mysql_fetch_assoc($res);
-			mysql_query("insert into `org` set `memid`='".intval($row['id'])."', `orgid`='".intval($_SESSION['_config']['orgid'])."',
-					`masteracc`='$masteracc', `OU`='$OU', `comments`='$comments'");
+			if ( !is_assurer(intval($row['id'])) )
+			{
+				$id = $oldid;
+				$oldid=0;
+				$_SESSION['_config']['errmsg'] =
+						_("The user is not an Assurer yet");
+			} else {
+				mysql_query(
+					"insert into `org`
+						set `memid`='".intval($row['id'])."',
+							`orgid`='".intval($_SESSION['_config']['orgid'])."',
+							`masteracc`='$masteracc',
+							`OU`='$OU',
+							`comments`='$comments'");
+			}
 		}
 	}
author	Michael Tänzer <neo@nhng.de>	2012-04-19 00:28:31 +0200
committer	Michael Tänzer <neo@nhng.de>	2012-04-19 00:28:31 +0200
commit	1e98bc7a794467ef437f17b826cecd5ccb9fe6d2 (patch)
tree	552974fedcdc2bd0e36abc774d73a7e9a3e4d227
parent	2f25d338d1f7ffe9b0b1e843fa5650f284b0c52a (diff)
download	cacert-devel-bug-967.tar.gz cacert-devel-bug-967.tar.xz cacert-devel-bug-967.zip