From deefb198c7a927baddd67aaefa4fdfb82964d3ca Mon Sep 17 00:00:00 2001
From: RomanSteinberg <romanofficial@yandex.ru>
Date: Sat, 30 Aug 2014 14:38:37 +0400
Subject: [PATCH] FIX: BindTeacher st. proc.

---
 db/StoredProcedures.sql | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/db/StoredProcedures.sql b/db/StoredProcedures.sql
index 333850005..18a100af2 100644
--- a/db/StoredProcedures.sql
+++ b/db/StoredProcedures.sql
@@ -1598,36 +1598,36 @@ CREATE FUNCTION `BindTeacher`(	`AccessedTeacher` INT,
 BEGIN  
     DECLARE checker INT; 
 
+-- 1. check if AccessedTeacher is author
+
 	SELECT disciplines.ID 
 	INTO checker 
 	FROM `disciplines`
-	INNER JOIN `disciplines_teachers` ON 	disciplines_teachers.DisciplineID = disciplines.ID AND 
-											disciplines_teachers.TeacherID = AccessedTeacher  
-	WHERE disciplines.ID = DisciplineID
+	WHERE 	disciplines.ID = DisciplineID AND
+			disciplines.AuthorID = AccessedTeacher 
 	LIMIT 1;
 	IF NOT (checker > 0) THEN
 		RETURN -1;
 	END IF;
 
-
-
+-- 2. check if BindingTeacher has rights to access this discipline
 	SET checker = -1;
 	SELECT disciplines_teachers.ID 
 	INTO checker 
-	FROM `disciplines`
-	INNER JOIN `disciplines_teachers` ON 	disciplines_teachers.DisciplineID = disciplines.ID AND 
-											disciplines_teachers.TeacherID = BindingTeacher  
-	WHERE disciplines.ID = DisciplineID
+	FROM `disciplines_teachers`
+	WHERE 	disciplines_teachers.DisciplineID = DisciplineID AND
+			disciplines_teachers.TeacherID = BindingTeacher  
 	LIMIT 1;
 	IF checker > 0 THEN
 		RETURN 0;
 	END IF;
 
+-- 3. insert BindingTeacher in access list
 	INSERT INTO `disciplines_teachers`
 		(	disciplines_teachers.DisciplineID,
 			disciplines_teachers.TeacherID 	)
 	VALUES	( DisciplineID, BindingTeacher );
-	RETURN 0;
+	RETURN 1;
 	
 END //
 
-- 
GitLab