Disallow changing email address to one already used by another account

2 files changed, 2 insertions, 1 deletions

diff --git a/lib/VNWeb/User/Edit.pm b/lib/VNWeb/User/Edit.pm
index 4e67bf4e..23302ee6 100644
--- a/lib/VNWeb/User/Edit.pm
+++ b/lib/VNWeb/User/Edit.pm
@@ -102,6 +102,7 @@ json_api qr{/u/edit}, $FORM, sub {
         if(auth->permUsermod) {
             tuwf->dbExeci(select => sql_func user_admin_setmail => \$data->{id}, \auth->uid, sql_fromhex(auth->token), \$data->{email});
         } else {
+            return elm_DoubleEmail if tuwf->dbVali(select => sql_func user_emailexists => \$data->{email}, \$data->{id});
             my $token = auth->setmail_token($data->{email});
             my $body = sprintf
                 "Hello %s,"
diff --git a/lib/VNWeb/User/Register.pm b/lib/VNWeb/User/Register.pm
index c093fcee..2f79a93d 100644
--- a/lib/VNWeb/User/Register.pm
+++ b/lib/VNWeb/User/Register.pm
@@ -21,7 +21,7 @@ json_api '/u/register', {
     my $num = tuwf->dbVali("SELECT count FROM stats_cache WHERE section = 'vn'");
     return elm_Bot         if $data->{vns} < $num*0.995 || $data->{vns} > $num*1.005;
     return elm_Taken       if tuwf->dbVali('SELECT 1 FROM users WHERE username =', \$data->{username});
-    return elm_DoubleEmail if tuwf->dbVali(select => sql_func user_emailexists => \$data->{email});
+    return elm_DoubleEmail if tuwf->dbVali(select => sql_func user_emailexists => \$data->{email}, \undef);
 
     my $ip = tuwf->reqIP;
     return elm_DoubleIP if tuwf->dbVali(