X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/timetracker.git/blobdiff_plain/f066e7ba4d1141bad2f50e802c0911e5f76e8ef0..ce2ddc553c3e30ffaa62d6e0f2e1220ca7f63f34:/WEB-INF/lib/ttRegistrator.class.php

diff --git a/WEB-INF/lib/ttRegistrator.class.php b/WEB-INF/lib/ttRegistrator.class.php
index 48f4b0aa..c206881d 100644
--- a/WEB-INF/lib/ttRegistrator.class.php
+++ b/WEB-INF/lib/ttRegistrator.class.php
@@ -84,11 +84,14 @@ class ttRegistrator {
     if ($this->err->yes()) return false; // There are errors, do not proceed.
 
     global $i18n;
-
-    // Protection fom too many recent bot registrations from user IP.
-    if ($this->registeredRecently()) {
-      $this->err->add($i18n->get('error.access_denied'));
-      return false;
+    global $user;
+
+    // Protection from too many recent bot registrations from user IP.
+    if (!$user->can('administer_site')) { // No problems for site admin.
+      if ($this->registeredRecently()) {
+        $this->err->add($i18n->get('error.access_denied'));
+        return false;
+      }
     }
 
     import('ttUserHelper');
@@ -118,7 +121,9 @@ class ttRegistrator {
       return false;
     }
 
-    if (!$this->setCreatedBy($this->user_id))
+    // Set created_by appropriately (admin or self).
+    $created_by = $user->can('administer_site') ? $user->id : $this->user_id;
+    if (!$this->setCreatedBy($created_by))
       return false;
 
     return true;
@@ -159,9 +164,9 @@ class ttRegistrator {
     $email = $mdb2->quote($this->email);
     $created = 'now()';
     $created_ip = $mdb2->quote($_SERVER['REMOTE_ADDR']);
-    $values = "values($login, $password, $name, $this->group_id, $this->role_id, $email, $created, $created_ip)";
+    $values = "values($login, $password, $name, $this->group_id, $this->group_id, $this->role_id, $email, $created, $created_ip)";
 
-    $sql = 'insert into tt_users (login, password, name, group_id, role_id, email, created, created_ip) '.$values;
+    $sql = 'insert into tt_users (login, password, name, group_id, org_id, role_id, email, created, created_ip) '.$values;
     $affected = $mdb2->exec($sql);
     if (!is_a($affected, 'PEAR_Error')) {
       $user_id = $mdb2->lastInsertID('tt_users', 'id');
@@ -186,7 +191,7 @@ class ttRegistrator {
     }
 
     // Update top manager.
-    $sql = "update tt_users set created_by = $user_id where id = $user_id and group_id = $this->group_id";
+    $sql = "update tt_users set created_by = $user_id where id = $this->user_id and group_id = $this->group_id";
     $affected = $mdb2->exec($sql);
     if (is_a($affected, 'PEAR_Error')) {
       $this->err->add($i18n->get('error.db'));