From 213f28bb4abe0f6bad5cabc93b7e11b11b1a88a4 Mon Sep 17 00:00:00 2001 From: "Donald A. Lobo" Date: Fri, 8 Mar 2013 10:02:45 -0800 Subject: [PATCH] fix CRM-12062 --- CRM/Event/Form/Registration.php | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/CRM/Event/Form/Registration.php b/CRM/Event/Form/Registration.php index 7bef63f798..8895790056 100644 --- a/CRM/Event/Form/Registration.php +++ b/CRM/Event/Form/Registration.php @@ -1212,6 +1212,14 @@ WHERE v.option_group_id = g.id return $tempID; } + // check if the user is logged in and has a contact ID + $session = CRM_Core_Session::singleton(); + $userID = $session->get('userID'); + + if ($tempID == $userID) { + return $userID; + } + //check if this is a checksum authentication $userChecksum = CRM_Utils_Request::retrieve('cs', 'String', $this); if ($userChecksum) { @@ -1221,10 +1229,12 @@ WHERE v.option_group_id = g.id return $tempID; } } + // check if user has permission, CRM-12062 + else if (CRM_Contact_BAO_Contact_Permission::allow($tempID)) { + return $tempID; + } - // check if the user is registered and we have a contact ID - $session = CRM_Core_Session::singleton(); - return $session->get('userID'); + return $userID; } /* Validate price set submitted params for price option limit, -- 2.25.1