From 506982f1b19b8d24c5947d7d8aa201892a5a425c Mon Sep 17 00:00:00 2001
From: Grisu
Date: Thu, 15 Sep 2022 10:32:13 +0200
Subject: [PATCH] fixed bug where you can't change the station which a station account belongs to
---
 app/public/edit_user.php | 8 +++++++-
 app/scripts/database_queries.php | 11 +++++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/app/public/edit_user.php b/app/public/edit_user.php
index db3d8e4..1cb6aa8 100644
--- a/app/public/edit_user.php
+++ b/app/public/edit_user.php
@@ -23,13 +23,19 @@
 }
 if($user['user_group'] != $user_group) {
- if($_POST['user_group'] == "station") {
+ if($user_group == "station") {
 change_user_group($con, $id, $user_group, $bind_station);
 } else {
 change_user_group($con, $id, $user_group, NULL);
 }
 }
+ if($user['s_id'] != $bind_station) {
+ if ($user_group == "station") {
+ change_s_id($con, $id, $bind_station);
+ }
+ }
+
 if(!empty($password)) {
 $phash = generate_password_hash($password, $user['salt']);
 change_password($con, $id, $phash);
diff --git a/app/scripts/database_queries.php b/app/scripts/database_queries.php
index 7ebfcf3..e03befa 100644
--- a/app/scripts/database_queries.php
+++ b/app/scripts/database_queries.php
@@ -260,6 +260,17 @@ function change_password($con, $id, $password) {
 }
 }
+function change_s_id($con, $id, $s_id) {
+ try {
+ $stmt = $con->prepare("UPDATE users SET s_id = ? WHERE id= ?");
+ $stmt->bindParam(1, $s_id, PDO::PARAM_INT);
+ $stmt->bindParam(2, $id, PDO::PARAM_STR);
+ $stmt->execute();
+ } catch(PDOException $e) {
+ handle_pdo_exception($e);
+ }
+}
+
 function get_result($con, $m_id, $s_id) {
 try {
 $stmt = $con->prepare("SELECT P.*, M.name as name, M.feuerwehr as feuerwehr FROM Punkte P, Mannschaft M WHERE M.m_id = P.m_id AND P.m_id = ? AND P.s_id = ?");
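Review bot: In app/public/edit_user.php the new `s_id` block stores `$bind_station` on the account without a visible check that it is a well-formed id of an existing station; the assignment of `$bind_station` and any permission check sit above the hunk, so this may already be handled there. If the value comes straight from the form, validate it before the comparison, e.g. `$bind_station = filter_var($bind_station, FILTER_VALIDATE_INT);`, and skip the update when that yields `false`. The block also runs when the group changed in the same request, where `change_user_group(...)` has presumably already written the station from its fourth argument, so chaining it as `} elseif ($user_group == "station" && $user['s_id'] != $bind_station) {` would avoid a second UPDATE. The loose `!=` compares a database value with a request value; casting both sides to int and using `!==` would make the intended comparison explicit.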
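Review bot: `change_s_id` in app/scripts/database_queries.php has no doc comment and returns nothing, so after a `PDOException` the caller in edit_user.php carries on as if the station had been saved, unless `handle_pdo_exception` ends the request (not visible here). I would add a header such as `// Sets users.s_id for account $id; the caller must authorize the request and validate $s_id.` and end the try block with `return $stmt->execute();`. `$id` is bound as `PDO::PARAM_STR` while `$s_id` uses `PDO::PARAM_INT`; if `users.id` is an integer column, `PDO::PARAM_INT` would match it, though the neighbouring helpers may follow the same convention.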