From 4c3f6e4c319ead796780f79ee8f7697ed35a8b13 Mon Sep 17 00:00:00 2001
From: Jeroen Peelaerts <jeroen.peelaerts@gmail.com>
Date: Sat, 7 Aug 2021 01:22:18 +0200
Subject: [PATCH] Fix username verification on insert/update (#3239)

---
 application/controllers/Employees.php |  5 +++--
 application/models/Employee.php       |  3 ++-
 application/views/employees/form.php  | 15 ++++-----------
 3 files changed, 9 insertions(+), 14 deletions(-)

diff --git a/application/controllers/Employees.php b/application/controllers/Employees.php
index 9a5dbdf4e..d101dc75c 100644
--- a/application/controllers/Employees.php
+++ b/application/controllers/Employees.php
@@ -60,6 +60,7 @@ class Employees extends Persons
 			$person_info->$property = $this->xss_clean($value);
 		}
 		$data['person_info'] = $person_info;
+		$data['employee_id'] = $employee_id;
 
 		$modules = array();
 		foreach($this->Module->get_all_modules()->result() as $module)
@@ -191,9 +192,9 @@ class Employees extends Persons
 		}
 	}
 
-	public function check_username()
+	public function check_username($employee_id)
 	{
-		$exists = $this->Employee->username_exists($this->input->get('username'));
+		$exists = $this->Employee->username_exists($employee_id, $this->input->get('username'));
 		echo !$exists ? 'true' : 'false';
 	}
 }
diff --git a/application/models/Employee.php b/application/models/Employee.php
index 9731d27c2..160f01709 100644
--- a/application/models/Employee.php
+++ b/application/models/Employee.php
@@ -18,10 +18,11 @@ class Employee extends Person
 		return ($this->db->get()->num_rows() == 1);
 	}
 
-	public function username_exists($username)
+	public function username_exists($employee_id, $username)
 	{
 		$this->db->from('employees');
 		$this->db->where('employees.username', $username);
+		$this->db->where('employees.person_id <>', $employee_id);
 
 		return ($this->db->get()->num_rows() == 1);
 	}
diff --git a/application/views/employees/form.php b/application/views/employees/form.php
index f93410d00..959a69264 100644
--- a/application/views/employees/form.php
+++ b/application/views/employees/form.php
@@ -209,17 +209,10 @@ $(document).ready(function()
 			last_name: 'required',
 			username:
 			{
-				<?php
-				if($person_info->person_id == "")
-				{
-				?>
-				remote: '<?php echo site_url("$controller_name/check_username")?>',
-				<?php
-				}
-				?>
-				required: true,
-				minlength: 5
 
+				required: true,
+				minlength: 5,
+				remote: '<?php echo site_url("$controller_name/check_username/$employee_id")?>'
 			},
 			password:
 			{
@@ -270,4 +263,4 @@ $(document).ready(function()
 		}
 	}, form_support.error));
 });
-</script>
\ No newline at end of file
+</script>