From 6b963b4a679d9af06a0e4018ba739fb327227fda Mon Sep 17 00:00:00 2001
From: Nathan Kinkade <nath@nkinka.de>
Date: Wed, 16 Mar 2011 14:47:23 +0000
Subject: Allow users to change their login, but when searching for duplicates,
 don't include current id.

---
 edit_account.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'edit_account.php')

diff --git a/edit_account.php b/edit_account.php
index e456162..73ec9bd 100644
--- a/edit_account.php
+++ b/edit_account.php
@@ -16,8 +16,6 @@ include("config.php");
 # not then this function will send them back to the index page
 loginRequired();
 
-# if the user got here by pressing the "Register" button, then
-# let's process is his request.
 if ( isset($_POST['action']) && ($_POST['action'] == "editUser") ) {
 
 	# validate the form .. this is already done through javascript, but we
@@ -70,8 +68,10 @@ if ( isset($_POST['action']) && ($_POST['action'] == "editUser") ) {
 	$sql = sprintf ("
 		SELECT * FROM users
 		WHERE username = '%s'
+			AND id != '%s'
 		",
-		trim($_POST['username'])
+		trim($_POST['username']),
+		$_SESSION['user']['id']
 	);
 	$db->Select($sql);
 	if ( $db->_rowCount > 0 ) {
-- 
cgit v1.2.3