summaryrefslogtreecommitdiff
path: root/includes/account.php
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2012-04-19 00:28:31 +0200
committerMichael Tänzer <neo@nhng.de>2012-04-19 00:28:31 +0200
commit1e98bc7a794467ef437f17b826cecd5ccb9fe6d2 (patch)
tree552974fedcdc2bd0e36abc774d73a7e9a3e4d227 /includes/account.php
parent2f25d338d1f7ffe9b0b1e843fa5650f284b0c52a (diff)
downloadcacert-devel-1e98bc7a794467ef437f17b826cecd5ccb9fe6d2.tar.gz
cacert-devel-1e98bc7a794467ef437f17b826cecd5ccb9fe6d2.tar.xz
cacert-devel-1e98bc7a794467ef437f17b826cecd5ccb9fe6d2.zip
bug 967: Implement check for Assurer before adding as OrgAdminbug-967
Signed-off-by: Michael Tänzer <neo@nhng.de>
Diffstat (limited to 'includes/account.php')
-rw-r--r--includes/account.php17
1 files changed, 15 insertions, 2 deletions
diff --git a/includes/account.php b/includes/account.php
index 554713e..72165df 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -2289,8 +2289,21 @@
$_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), sanitizeHTML($_REQUEST['email']));
} else {
$row = mysql_fetch_assoc($res);
- mysql_query("insert into `org` set `memid`='".intval($row['id'])."', `orgid`='".intval($_SESSION['_config']['orgid'])."',
- `masteracc`='$masteracc', `OU`='$OU', `comments`='$comments'");
+ if ( !is_assurer(intval($row['id'])) )
+ {
+ $id = $oldid;
+ $oldid=0;
+ $_SESSION['_config']['errmsg'] =
+ _("The user is not an Assurer yet");
+ } else {
+ mysql_query(
+ "insert into `org`
+ set `memid`='".intval($row['id'])."',
+ `orgid`='".intval($_SESSION['_config']['orgid'])."',
+ `masteracc`='$masteracc',
+ `OU`='$OU',
+ `comments`='$comments'");
+ }
}
}