diff --git a/app/extensions/extension_edit.php b/app/extensions/extension_edit.php index 610976944d..89b31d729f 100644 --- a/app/extensions/extension_edit.php +++ b/app/extensions/extension_edit.php @@ -263,7 +263,7 @@ //add the user to the database $user_email = ''; - if ($_SESSION["user"]["unique"]["text"] != "global") { + if ($_SESSION["users"]["unique"]["text"] != "global") { if ($autogen_users == "true") { $auto_user = $extension; for ($i=1; $i<=$range; $i++) { diff --git a/core/users/user_edit.php b/core/users/user_edit.php index a9113cd4ea..cdc4df48fa 100644 --- a/core/users/user_edit.php +++ b/core/users/user_edit.php @@ -144,21 +144,22 @@ if ($username == '') { message::add($text['message-required'].$text['label-username'], 'negative', 7500); } - if (permission_exists('user_edit') && $action == 'edit') { - if ($username != $username_old && $username != '') { - $sql = "select count(*) from v_users where username = :username "; - if ($_SESSION["user"]["unique"]["text"] != "global") { - $sql .= "and domain_uuid = :domain_uuid "; - $parameters['domain_uuid'] = $domain_uuid; - } - $parameters['username'] = $username; - $database = new database; - $num_rows = $database->select($sql, $parameters, 'column'); - if ($num_rows > 0) { - message::add($text['message-username_exists'], 'negative', 7500); - } - unset($sql); + if ( + (permission_exists('user_edit') && $action == 'edit' && $username != $username_old && $username != '') || + (permission_exists('user_add') && $action == 'add' && $username != '') + ) { + $sql = "select count(*) from v_users where username = :username "; + if ($_SESSION["users"]["unique"]["text"] != "global") { + $sql .= "and domain_uuid = :domain_uuid "; + $parameters['domain_uuid'] = $domain_uuid; } + $parameters['username'] = $username; + $database = new database; + $num_rows = $database->select($sql, $parameters, 'column'); + if ($num_rows > 0) { + message::add($text['message-username_exists'], 'negative', 7500); + } + unset($sql); } if ($password != '' && $password != $password_confirm) { message::add($text['message-password_mismatch'], 'negative', 7500); @@ -561,6 +562,7 @@ $contact_name_given = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['contact_name_given']; $contact_name_family = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['contact_name_family']; $contact_organization = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['contact_organization']; + $group_uuid_name = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['group_uuid_name']; $user_settings["message"]["key"]["text"] = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['message_key']; $unsaved = true; @@ -1055,10 +1057,10 @@ echo ""; if (permission_exists("user_edit") && permission_exists('user_setting_view') && $action == 'edit') { - require $_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/core/user_settings/user_settings.php"; + require $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/core/user_settings/user_settings.php"; } //include the footer require_once "resources/footer.php"; -?> +?> \ No newline at end of file diff --git a/resources/classes/domains.php b/resources/classes/domains.php index 2d031759a8..a2258c4a84 100644 --- a/resources/classes/domains.php +++ b/resources/classes/domains.php @@ -63,7 +63,9 @@ if (!class_exists('domains')) { $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); //unset all settings foreach ($result as $row) { - unset($_SESSION[$row['default_setting_category']]); + if ($row['default_setting_category'] != 'user') { //skip off-limit categories + unset($_SESSION[$row['default_setting_category']]); + } } //set the enabled settings as a session foreach ($result as $row) {