fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-07 02:31:40 +09:00
Code Issues Projects Releases Packages Wiki Activity

Fix unmodifiable fields being exposed in member info modification form

Browse source
This commit is contained in:
Kijin Sung 2023-06-27 22:23:47 +09:00
parent 62dfb38308
commit 089f375743
2 changed files with 6 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
modules/member/member.admin.view.php
View file

@ -497,13 +497,15 @@ class MemberAdminView extends Member
{
$member_config = $this->memberConfig = $oMemberModel->getMemberConfig();
}
$identifiers = $member_config->identifiers ?? [$member_config->identifier];
$identifiers = array_intersect($identifiers, ['user_id', 'email_address']);
global $lang;
$formTags = array();
foreach($member_config->signupForm as $no=>$formInfo)
{
if(!$formInfo->isUse || $formInfo->name == $member_config->identifier || $formInfo->name == 'password')
if(!$formInfo->isUse || in_array($formInfo->name, $identifiers) || $formInfo->name == 'password')
{
continue;
}

6
modules/member/member.controller.php
View file

@ -2993,7 +2993,8 @@ class MemberController extends Member
}
// Check if email address or user ID is duplicate
if($config->identifier == 'email_address')
$identifiers = $config->identifiers ?? [$config->identifier];
if(in_array('email_address', $identifiers))
{
$member_srl = MemberModel::getMemberSrlByEmailAddress($args->email_address);
if($member_srl && $args->member_srl != $member_srl)
@ -3002,14 +3003,13 @@ class MemberController extends Member
}
$args->email_address = $orgMemberInfo->email_address;
}
else
if(in_array('user_id', $identifiers))
{
$member_srl = MemberModel::getMemberSrlByUserID($args->user_id);
if($member_srl && $args->member_srl != $member_srl)
{
return new BaseObject(-1, 'msg_exists_user_id');
}
$args->user_id = $orgMemberInfo->user_id;
}