fixed modcmd query bug

[NeonServV5.git] / cmd_neonserv_adduser.c

diff --git a/cmd_neonserv_adduser.c b/cmd_neonserv_adduser.c
index e5d2bd2e1e4e66dbbe6e11b6d5dd3e866ee56f1e..80a9043044c91c89c18ff9b63e69904d6f41c567 100644 (file)
--- a/cmd_neonserv_adduser.c
+++ b/cmd_neonserv_adduser.c
@@ -20,12 +20,15 @@ static CMD_BIND(neonserv_cmd_adduser) {
     MYSQL_RES *res;
     MYSQL_ROW row;
     check_mysql();
-    //check acccess
     caccess = atoi(argv[1]);
     if(caccess <= 0 || caccess > 500) {
         reply(getTextBot(), user, "NS_INVALID_ACCESS", caccess);
         return;
     }
+    if(caccess >= getChannelAccess(user, chan, 1)) {
+        reply(getTextBot(), user, "NS_ACCESS_OUTRANKED");
+        return;
+    }
     //check own access
     if(argv[0][0] == '*') {
         //we've got an auth
@@ -122,6 +125,6 @@ static void neonserv_cmd_adduser_async1(struct ClientSocket *client, struct Clie
         printf_mysql_query("INSERT INTO `users` (`user_user`) VALUES ('%s')", escape_string(auth));
         userid = (int) mysql_insert_id(mysql_conn);
     }
-    printf_mysql_query("INSERT INTO `chanusers` (`chanuser_cid`, `chanuser_uid`, `chanuser_access`) VALUES ('%d', '%d', '%d')", chan->channel_id, userid, access);
-    reply(textclient, user, "NS_ADDUSER_DONE", nick, chan->name, atoi(row[0]));
+    printf_mysql_query("INSERT INTO `chanusers` (`chanuser_cid`, `chanuser_uid`, `chanuser_access`) VALUES ('%d', '%d', '%d')", chan->channel_id, userid, caccess);
+    reply(textclient, user, "NS_ADDUSER_DONE", nick, chan->name, caccess);
 }