From 48b03938fc817d4ec96ed0d1fa2fb3a4fc16115c Mon Sep 17 00:00:00 2001
From: Sudarshan Phule <sudarshanthecoder@gmail.com>
Date: Fri, 29 Jul 2011 16:25:43 +0530
Subject: [PATCH] Committed user_admin.php and usergroup_admin_add.php for bug
 where creation of new user without first and last name doesn't get access
 control

---
 interface/usergroup/user_admin.php          | 28 ++++++++++++++++--
 interface/usergroup/usergroup_admin_add.php | 44 +++++++++++++++++++++++++----
 2 files changed, 65 insertions(+), 7 deletions(-)

diff --git a/interface/usergroup/user_admin.php b/interface/usergroup/user_admin.php
index 7944fb3c3..02917b053 100644
--- a/interface/usergroup/user_admin.php
+++ b/interface/usergroup/user_admin.php
@@ -189,6 +189,30 @@ function checkChange()
 function submitform() {
 	top.restoreSession();
 	var flag=0;
+	function trimAll(sString)
+	{
+		while (sString.substring(0,1) == ' ')
+		{
+			sString = sString.substring(1, sString.length);
+		}
+		while (sString.substring(sString.length-1, sString.length) == ' ')
+		{
+			sString = sString.substring(0,sString.length-1);
+		}
+		return sString;
+	}
+	if(trimAll(document.getElementById('fname').value) == ""){
+		alert("<?php xl('Required field missing: Please enter the First name','e');?>");
+		document.getElementById('fname').style.backgroundColor="red";
+		document.getElementById('fname').focus();
+		return false;
+	}
+	if(trimAll(document.getElementById('lname').value) == ""){
+		alert("<?php xl('Required field missing: Please enter the Last name','e');?>");
+		document.getElementById('lname').style.backgroundColor="red";
+		document.getElementById('lname').focus();
+		return false;
+	}
 	if(document.forms[0].clearPass.value!="")
 	{
 		//Checking for the strong password if the 'secure password' feature is enabled
@@ -367,12 +391,12 @@ $bg_count=count($acl_name);
 
 <TR>
 <TD><span class=text><?php xl('First Name','e'); ?>: </span></TD>
-<TD><input type=entry name=fname style="width:150px;" value="<?php echo $iter["fname"]; ?>"></td>
+<TD><input type=entry name=fname id=fname style="width:150px;" value="<?php echo $iter["fname"]; ?>"><span class="mandatory">&nbsp;*</span></td>
 <td><span class=text><?php xl('Middle Name','e'); ?>: </span></TD><td><input type=entry name=mname style="width:150px;"  value="<?php echo $iter["mname"]; ?>"></td>
 </TR>
 
 <TR>
-<td><span class=text><?php xl('Last Name','e'); ?>: </span></td><td><input type=entry name=lname style="width:150px;"  value="<?php echo $iter["lname"]; ?>"></td>
+<td><span class=text><?php xl('Last Name','e'); ?>: </span></td><td><input type=entry name=lname id=lname style="width:150px;"  value="<?php echo $iter["lname"]; ?>"><span class="mandatory">&nbsp;*</span></td>
 <td><span class=text><?php xl('Default Facility','e'); ?>: </span></td><td><select name=facility_id style="width:150px;" >
 <?php
 $fres = sqlStatement("select * from facility where service_location != 0 order by name");
diff --git a/interface/usergroup/usergroup_admin_add.php b/interface/usergroup/usergroup_admin_add.php
index ce85d4db9..c90a9cb98 100644
--- a/interface/usergroup/usergroup_admin_add.php
+++ b/interface/usergroup/usergroup_admin_add.php
@@ -24,9 +24,21 @@ $alertmsg = '';
 <script src="checkpwd_validation.js" type="text/javascript"></script>
 
 <script language="JavaScript">
+function trimAll(sString)
+{
+	while (sString.substring(0,1) == ' ')
+	{
+		sString = sString.substring(1, sString.length);
+	}
+	while (sString.substring(sString.length-1, sString.length) == ' ')
+	{
+		sString = sString.substring(0,sString.length-1);
+	}
+	return sString;
+} 
 
 function submitform() {
-	if (document.forms[0].rumple.value.length>0 && document.forms[0].stiltskin.value.length>0) {
+	if (document.forms[0].rumple.value.length>0 && document.forms[0].stiltskin.value.length>0 && document.getElementById('fname').value.length >0 && document.getElementById('lname').value.length >0) {
 		top.restoreSession();
 
 		//Checking if secure password is enabled or disabled.
@@ -91,9 +103,31 @@ function submitform() {
 		document.forms[0].submit();
 	} else {
 		if (document.forms[0].rumple.value.length<=0)
-		{document.forms[0].rumple.focus();document.forms[0].rumple.style.backgroundColor="red";}
+		{
+			document.forms[0].rumple.style.backgroundColor="red";
+			alert("<?php xl('Required field missing: Please enter the User Name','e');?>");
+			document.forms[0].rumple.focus();
+			return false;
+		}
 		if (document.forms[0].stiltskin.value.length<=0)
-		{document.forms[0].stiltskin.focus();document.forms[0].stiltskin.style.backgroundColor="red";}
+		{
+			document.forms[0].stiltskin.style.backgroundColor="red";
+			alert("<?php echo xl('Please enter the password'); ?>");
+			document.forms[0].stiltskin.focus();
+			return false;
+		}
+		if(trimAll(document.getElementById('fname').value) == ""){
+			document.getElementById('fname').style.backgroundColor="red";
+			alert("<?php xl('Required field missing: Please enter the First name','e');?>");
+			document.getElementById('fname').focus();
+			return false;
+		}
+		if(trimAll(document.getElementById('lname').value) == ""){
+			document.getElementById('lname').style.backgroundColor="red";
+			alert("<?php xl('Required field missing: Please enter the Last name','e');?>");
+			document.getElementById('lname').focus();
+			return false;
+		}
 	}
 }
 function authorized_clicked() {
@@ -152,11 +186,11 @@ foreach ($result2 as $iter) {
 </td>
 </tr>
 <tr>
-<td><span class="text"><?php xl('First Name','e'); ?>: </span></td><td><input type=entry name='fname' style="width:120px;"></td>
+<td><span class="text"><?php xl('First Name','e'); ?>: </span></td><td><input type=entry name='fname' id='fname' style="width:120px;"><span class="mandatory">&nbsp;*</span></td>
 <td><span class="text"><?php xl('Middle Name','e'); ?>: </span></td><td><input type=entry name='mname' style="width:120px;"></td>
 </tr>
 <tr>
-<td><span class="text"><?php xl('Last Name','e'); ?>: </span></td><td><input type=entry name='lname' style="width:120px;"></td>
+<td><span class="text"><?php xl('Last Name','e'); ?>: </span></td><td><input type=entry name='lname' id='lname' style="width:120px;"><span class="mandatory">&nbsp;*</span></td>
 <td><span class="text"><?php xl('Default Facility','e'); ?>: </span></td><td><select style="width:120px;" name=facility_id>
 <?php
 $fres = sqlStatement("select * from facility where service_location != 0 order by name");
-- 
2.11.4.GIT