diff --git a/src/mibew/operator/operator.php b/src/mibew/operator/operator.php index 57df2b50..77a80d88 100644 --- a/src/mibew/operator/operator.php +++ b/src/mibew/operator/operator.php @@ -29,9 +29,21 @@ $errors = array(); $opId = ''; loadsettings(); -if (isset($_POST['login']) && isset($_POST['password'])) { +if ((isset($_POST['opid']) || isset($_POST['login'])) && isset($_POST['password'])) { $opId = verifyparam("opid", "/^(\d{1,10})?$/", ""); - $login = getparam('login'); + if ($opId) { + $given_operator = operator_by_id($opId); + if (!$given_operator) { + $errors[] = getlocal("no_such_operator"); + $login = ''; + } + else { + $login = $given_operator['vclogin']; + } + } + else { + $login = getparam('login'); + } $email = getparam('email'); $jabber = getparam('jabber'); $password = getparam('password'); diff --git a/src/mibew/operator/operators.php b/src/mibew/operator/operators.php index f940f488..49ed4667 100644 --- a/src/mibew/operator/operators.php +++ b/src/mibew/operator/operators.php @@ -24,6 +24,8 @@ $operator = check_login(); csrfchecktoken(); check_permissions($operator, $can_administrate); +$errors = array(); + if (isset($_GET['act']) && $_GET['act'] == 'del') { $operatorid = isset($_GET['id']) ? $_GET['id'] : ""; diff --git a/src/mibew/view/agent.php b/src/mibew/view/agent.php index 7814a1ae..14e0495c 100644 --- a/src/mibew/view/agent.php +++ b/src/mibew/view/agent.php @@ -62,7 +62,7 @@ require_once('inc_errors.php');
*
- /> + />