Skip to content

Commit

Permalink
BUGFIX Fixing Member_ProfileForm to validate for existing members via…
Browse files Browse the repository at this point in the history 
… Member_Validator to avoid CMS users to switch to another existing user account by using their email address (from r100704) (from r100717)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@100744 467b73ca-7a2a-4603-9d3b-597d59a354a9
  • Loading branch information
@chillu
chillu authored and Sam Minnee committed Feb 2, 2011
1 parent da691ec commit e3c6732
Showing 1 changed file with 6 additions and 4 deletions.
10 changes: 6 additions & 4 deletions security/Member.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1245,18 +1245,20 @@ function __construct($controller, $name, $member) {
new FormAction('dosave',_t('CMSMain.SAVE'))
);

$validator = new RequiredFields(

);
$validator = new Member_Validator();

parent::__construct($controller, $name, $fields, $actions, $validator);

$this->loadDataFrom($member);
}

function dosave($data, $form) {
$SQL_data = Convert::raw2sql($data);
// don't allow ommitting or changing the ID
if(!isset($data['ID']) || $data['ID'] != Member::currentUserID()) {
return Director::redirectBack();
}

$SQL_data = Convert::raw2sql($data);
$member = DataObject::get_by_id("Member", $SQL_data['ID']);

if($SQL_data['Locale'] != $member->Locale) {
Expand Down

0 comments on commit e3c6732

Please sign in to comment.