Added error checking for adding/editing an account with no permissions. Also fixed a database locking problem.

2024-10-05 09:42:30 +02:00 · 2000-08-24 19:15:39 +00:00 · 2000-08-24 19:15:39 +00:00 · 3ccd788493
commit 3ccd788493
parent 108c265fb5
4 changed files with 13 additions and 3 deletions
--- a/admin/editaccount.php
+++ b/admin/editaccount.php
@ -32,8 +32,6 @@
     $phpgw->db->next_record();
     $lid = $phpgw->db->f("loginid");

-     $phpgw->db->lock(array('accounts','preferences','sessions'));
-
     if ($n_passwd || $n_passwd_2) {
        if ($n_passwd != $n_passwd_2)
           $error .= lang_admin("The two passwords are not the same");
@ -49,7 +47,11 @@
        }
     }

+     if (count($new_permissions) == 0)
+        $error .= "<br>" . lang_admin("You must add at least 1 permission to this account");
+
     if (! $error) {
+        $phpgw->db->lock(array('accounts','preferences','sessions'));
 	if ($n_passwd) {
           $phpgw->db->query("update accounts set passwd='" . md5($n_passwd) . "', "
 		          . "lastpasswd_change='" . time() . "' where loginid='"
@ -101,8 +103,8 @@
 			   . "$n_account_status', groups='"
 			   . $phpgw->groups->array_to_string("none",$n_groups)
 			   . "' where loginid='$n_loginid'");
-        $phpgw->db->unlock();

+        $phpgw->db->unlock();
        Header("Location: " . $phpgw->link("accounts.php", "cd=$cd"));
        exit;
     }		// if ! $error
--- a/admin/lang/en_admin.inc.php
+++ b/admin/lang/en_admin.inc.php
@ -43,6 +43,9 @@
       case "edit group":		$s = "Edit Group";			break;
       case "submit changes":		$s = "Submit Changes";		break;

+       case "you must add at least 1 permission to this account":
+	$s = "You must add at least 1 permission to this account";	break;
+
       case "installed applications":
 	$s = "Installed applications";						break;

--- a/admin/newaccount.php
+++ b/admin/newaccount.php
@ -28,6 +28,9 @@
     if ($n_passwd != $n_passwd_2)
        $error .= "<br>" . lang_admin("The two passwords are not the same");

+     if (count($new_permissions) == 0)
+        $error .= "<br>" . lang_admin("You must add at least 1 permission to this account");
+
     $phpgw->db->query("select loginid from accounts where loginid='$n_loginid'");
     $phpgw->db->next_record();
     if ($phpgw->db->f("loginid"))
--- a/doc/CHANGELOG
+++ b/doc/CHANGELOG
@ -3,6 +3,8 @@
 	   - on group creation the files directory tried to be created in
 	     "filemanager/groups/" instead of in "files/groups/" - fixed.
 	     Same for the user directory.
+	   - Added error checking for creating/editing an account with no permissions.
+	   - Fixed a db->unlock() issue in editaccount.php

 [08212000] - removed db_lock() and db_unlock()  I changed the phpgw_db_* to use them
 	     properly