fix: email uniqueness check only applies to hosting accounts, not admin/reseller users

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01LP9Q4kfCAYAjJnsbHBrViZ
This commit is contained in:
2026-06-20 16:42:15 +00:00
parent a8a80bff5e
commit 9aa67f7efd
+1 -1
View File
@@ -70,7 +70,7 @@ match ($action) {
foreach ($required as $f) { if (empty($body[$f])) Response::error("$f is required"); }
if (!filter_var($body['email'], FILTER_VALIDATE_EMAIL)) Response::error("Invalid email address");
if ($db->fetchOne("SELECT id FROM users WHERE email = ?", [$body['email']])) Response::error("Email already in use by another account");
if ($db->fetchOne("SELECT id FROM users WHERE email = ? AND role = 'user'", [$body['email']])) Response::error("Email already in use by another account");
if ($db->fetchOne("SELECT id FROM users WHERE username = ?", [$body['username']])) Response::error("Username already taken");
// Insert user first — AccountManager::create() wraps everything else in its own transaction