ThaMunsta/itflow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix issue with creating a contact without a user and then trying to create a user by editing the contact.

Browse Source
This commit is contained in:
johnnyq
2024-11-02 16:25:50 -04:00
parent ada0d52dc0
commit 593f09f6fd
1 changed files with 61 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files
post/user/contact.php
+20 -4
View File
@@ -130,7 +130,7 @@ if (isset($_POST['edit_contact'])) {
} }
if ($contact_user_id > 0) { if ($contact_user_id > 0) {
// Update Existing User
mysqli_query($mysqli, "UPDATE users SET user_name = '$name', user_email = '$email', user_auth_method = '$auth_method' WHERE user_id = $contact_user_id"); mysqli_query($mysqli, "UPDATE users SET user_name = '$name', user_email = '$email', user_auth_method = '$auth_method' WHERE user_id = $contact_user_id");
// Set password // Set password
@@ -139,8 +139,26 @@ if (isset($_POST['edit_contact'])) {
mysqli_query($mysqli, "UPDATE users SET user_password = '$password_hash' WHERE user_id = $contact_user_id"); mysqli_query($mysqli, "UPDATE users SET user_password = '$password_hash' WHERE user_id = $contact_user_id");
} }
} elseif ($contact_user_id == 0 && $name && $email && $auth_method) {
// Create New User
// Set password
if ($_POST['contact_password']) {
$password_hash = password_hash(trim($_POST['contact_password']), PASSWORD_DEFAULT);
} else {
// Set a random password
$password_hash = password_hash(randomString(), PASSWORD_DEFAULT);
}
mysqli_query($mysqli, "INSERT INTO users SET user_name = '$name', user_email = '$email', user_password = '$password_hash', user_auth_method = '$auth_method', user_type = 2");
$contact_user_id = mysqli_insert_id($mysqli);
// Set newly created user_id for the contact
mysqli_query($mysqli, "UPDATE contacts SET contact_user_id = '$contact_user_id' WHERE contact_id = $contact_id");
}
// Send contact a welcome e-mail, if specified // Send contact a welcome e-mail, if specified
if ($send_email && $auth_method && $config_smtp_host) { if ($send_email && $auth_method && $config_smtp_host && $contact_user_id) {
// Sanitize Config vars from get_settings.php // Sanitize Config vars from get_settings.php
$config_ticket_from_email = sanitizeInput($config_ticket_from_email); $config_ticket_from_email = sanitizeInput($config_ticket_from_email);
@@ -185,8 +203,6 @@ if (isset($_POST['edit_contact'])) {
} }
}
//Logging //Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = '$session_name modified contact $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $contact_id"); mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Contact', log_action = 'Modify', log_description = '$session_name modified contact $name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $contact_id");