fix #7789 - block duplicate email address

author Alan <alan@roojs.com>

Thu, 7 Sep 2023 04:46:14 +0000 (12:46 +0800)

committer Alan <alan@roojs.com>

Thu, 7 Sep 2023 04:46:14 +0000 (12:46 +0800)
author Alan <alan@roojs.com>
Thu, 7 Sep 2023 04:46:14 +0000 (12:46 +0800)
committer Alan <alan@roojs.com>
Thu, 7 Sep 2023 04:46:14 +0000 (12:46 +0800)
diff --git a/DataObjects/Core_person.php b/DataObjects/Core_person.php

index 27fce2e..982c4db 100644 (file)
--- a/DataObjects/Core_person.php
+++ b/DataObjects/Core_person.php
@@ -1453,7 +1453,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
          $p = DB_DataObject::factory('core_person');
          if ($roo->authUser->id > -1 ||  $p->count() > 1) {
              $pp = DB_DataObject::factory('core_person');
-            $pp->email  =  trim($this->email);
+            $pp->whereAdd('LOWER(email) = "' . $pp->escape(strtolower(trim($this->email))) . '"');
              if ($pp->count()){
                  $roo->jerr("that email already exists in the database");
              }
@@ -1624,9 +1624,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
          $ff= HTML_FlexyFramework::get();
          
          $appname = empty($ff->appNameShort) ? $ff->project : $ff->project . '-' . $ff->appNameShort;
-        
          $dname = method_exists($this, 'getDatabaseConnection') ? $this->getDatabaseConnection()->dsn['database'] : $this->databaseNickname();
-        
          $sesPrefix = $appname.'-' .get_class($this) .'-' . $dname;
  
          return $sesPrefix;
@@ -1635,9 +1633,7 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
      function loginPublic() // used where???
      {
          $this->isAuth(); // force session start..
-         
          $db = $this->getDatabaseConnection();
-        
          $ff = HTML_FlexyFramework::get();
          
          if(empty($ff->Pman) || empty($ff->Pman['login_public'])){
@@ -1657,6 +1653,16 @@ class Pman_Core_DataObjects_Core_person extends DB_DataObject
      function beforeUpdate($old, $q, $roo)
      {
          $this->email = trim($this->email);
+
+        $p = DB_DataObject::factory('core_person');
+        if ($roo->authUser->id > -1 ||  $p->count() > 1) {
+            $pp = DB_DataObject::factory('core_person');
+            $pp->whereAdd('LOWER(email) = "' . $pp->escape(strtolower(trim($this->email))) . '"');
+            $pp->whereAdd('id != ' . $old->id);
+            if ($pp->count()){
+                $roo->jerr("that email already exists in the database");
+            }
+        }
      }
      
      function generateOathKey()
author	Alan <alan@roojs.com>
	Thu, 7 Sep 2023 04:46:14 +0000 (12:46 +0800)
committer	Alan <alan@roojs.com>
	Thu, 7 Sep 2023 04:46:14 +0000 (12:46 +0800)