Commit 1b242bc0 authored by François Jacquet's avatar François Jacquet
Browse files

Fix SQL errors when Creating User Food Service account / barcode

parent 32d916c8
......@@ -26,7 +26,7 @@ if($_REQUEST['modfunc']=='update')
}
else
{
$RET = DBGet(DBQuery("SELECT ACCOUNT_ID FROM FOOD_SERVICE_STUDENT_ACCOUNTS WHERE BARCODE='".trim($_REQUEST['food_service']['BARCODE']))."'");
$RET = DBGet(DBQuery("SELECT ACCOUNT_ID FROM FOOD_SERVICE_STUDENT_ACCOUNTS WHERE BARCODE='".trim($_REQUEST['food_service']['BARCODE'])."'"));
if($RET)
{
$student_RET = DBGet(DBQuery("SELECT s.FIRST_NAME||' '||s.LAST_NAME AS FULL_NAME FROM STUDENTS s,FOOD_SERVICE_STUDENT_ACCOUNTS fssa WHERE s.STUDENT_ID=fssa.STUDENT_ID AND fssa.ACCOUNT_ID='".$RET[1]['ACCOUNT_ID']."'"));
......@@ -64,7 +64,11 @@ if($_REQUEST['modfunc']=='update')
if($_REQUEST['modfunc']=='create')
{
if(UserStaffID() && AllowEdit())
if ( UserStaffID()
&& AllowEdit()
&& ! DBGet( DBQuery( "SELECT 1
FROM FOOD_SERVICE_STAFF_ACCOUNTS
WHERE STAFF_ID='" . UserStaffID() . "'" ) ) )
{
$fields = 'STAFF_ID,BALANCE,TRANSACTION_ID,';
$values = "'".UserStaffID()."','0.00','0',";
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment