diff --git a/core/users/signup.php b/core/users/signup.php index 75c7872041..458dac1b8e 100644 --- a/core/users/signup.php +++ b/core/users/signup.php @@ -99,7 +99,7 @@ if (count($_POST) > 0 && check_str($_POST["persistform"]) != "1") { $sql = "select * from v_users "; $sql .= "where username = '$username' "; if ($_SESSION["user"]["unique"]["text"] != "global") { - $sql .= "and domain_uuid = '$domain_uuid' "; + $sql .= "and domain_uuid = '".$_SESSION['domain_uuid']."' "; } //$sql .= "and user_enabled = 'true' "; $prep_statement = $db->prepare(check_sql($sql)); @@ -154,7 +154,7 @@ if (count($_POST) > 0 && check_str($_POST["persistform"]) != "1") { $sql .= ") "; $sql .= "values "; $sql .= "("; - $sql .= "'".$domain_uuid."', "; + $sql .= "'".$_SESSION['domain_uuid']."', "; $sql .= "'".$user_uuid."', "; $sql .= "'".$contact_uuid."', "; $sql .= "'".$username."', "; @@ -181,7 +181,7 @@ if (count($_POST) > 0 && check_str($_POST["persistform"]) != "1") { $sql .= "values "; $sql .= "("; $sql .= "'".$group_user_uuid."', "; - $sql .= "'".$domain_uuid."', "; + $sql .= "'".$_SESSION['domain_uuid']."', "; $sql .= "'".$group_name."', "; $sql .= "'".$group_uuid."', "; $sql .= "'".$user_uuid."' "; @@ -204,7 +204,7 @@ if (count($_POST) > 0 && check_str($_POST["persistform"]) != "1") { $sql .= ") "; $sql .= "values "; $sql .= "("; - $sql .= "'".$domain_uuid."', "; + $sql .= "'".$_SESSION['domain_uuid']."', "; $sql .= "'".$contact_uuid."', "; $sql .= "'user', "; $sql .= "'".$contact_organization."', "; @@ -227,7 +227,7 @@ if (count($_POST) > 0 && check_str($_POST["persistform"]) != "1") { $sql .= "values "; $sql .= "("; $sql .= "'".$contact_email_uuid."', "; - $sql .= "'".$domain_uuid."', "; + $sql .= "'".$_SESSION['domain_uuid']."', "; $sql .= "'".$contact_uuid."', "; $sql .= "'".$user_email."', "; $sql .= "1 "; @@ -319,11 +319,9 @@ if (count($_POST) > 0 && check_str($_POST["persistform"]) != "1") { echo " "; $sql = "select * from v_groups "; - $sql .= "where (domain_uuid = '".$domain_uuid."' or domain_uuid is null) "; + $sql .= "where (domain_uuid = '".$_SESSION['domain_uuid']."' or domain_uuid is null) "; $sql .= "order by domain_uuid desc, group_name asc "; $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->bindParam(':domain_uuid', $domain_uuid); - $prep_statement->execute(); $prep_statement->execute(); $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); echo "