From beacbaecda9e4b11f4320786da2fbff6f8a2a044 Mon Sep 17 00:00:00 2001
From: Ignacio Nelson <info@subwaydesign.com.ar>
Date: Tue, 18 Jan 2022 21:20:42 -0300
Subject: [PATCH] When editing a user, if role is not client, some fields
 should be always null (phone, contact, address)

---
 includes/Classes/Users.php | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/includes/Classes/Users.php b/includes/Classes/Users.php
index fc258f33..e395698b 100644
--- a/includes/Classes/Users.php
+++ b/includes/Classes/Users.php
@@ -550,6 +550,14 @@ public function edit()
 
         $this->password_hashed = $this->hashPassword($this->password);
 
+        // Some fields should not be allowed to be written if the current user is not a client,
+        // as they are meant to be null for system users
+        if ($this->role != 0) {
+            $this->address = null;
+            $this->phone = null;
+            $this->contact = null;
+        }
+
 		if (strlen($this->password_hashed) >= 20) {
 
 			$this->state['hash'] = 1;