diff options
author | Philip Häusler <msquare@notrademark.de> | 2015-12-04 21:50:39 +0100 |
---|---|---|
committer | Philip Häusler <msquare@notrademark.de> | 2015-12-04 21:50:39 +0100 |
commit | 3790818baf07f5310851f0d35d61d337a2b29d41 (patch) | |
tree | 901052c2d8c5e4778d79629b948f7d34daa7d5b9 /includes/pages/admin_user.php | |
parent | 6e8052d48eabd35c9c070da1dce22158d36ff360 (diff) |
fix user delete log entry
Diffstat (limited to 'includes/pages/admin_user.php')
-rw-r--r-- | includes/pages/admin_user.php | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php index ee244925..6d327d7f 100644 --- a/includes/pages/admin_user.php +++ b/includes/pages/admin_user.php @@ -27,10 +27,6 @@ function admin_user() { $html .= "<form action=\"" . page_link_to("admin_user") . "&action=save&id=$id\" method=\"post\">\n"; $html .= "<table border=\"0\">\n"; $html .= "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n"; - - $SQL = "SELECT * FROM `User` WHERE `UID`='" . sql_escape($id) . "'"; - list($user_source) = sql_select($SQL); - $html .= "<tr><td>\n"; $html .= "<table>\n"; $html .= " <tr><td>Nick</td><td>" . "<input type=\"text\" size=\"40\" name=\"eNick\" value=\"" . $user_source['Nick'] . "\"></td></tr>\n"; @@ -162,7 +158,14 @@ function admin_user() { case 'delete': if ($user['UID'] != $id) { - $user_source = sql_select("SELECT `Nick`, `UID` FROM `User` WHERE `UID` = '" . sql_escape($id) . "' LIMIT 1"); + $user_source = User($id); + if ($user_source === false) + engelsystem_error("Unable to load user."); + if ($user_source == null) { + error(_('This user does not exist.')); + redirect(users_link()); + } + sql_query("DELETE FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'"); engelsystem_log("Deleted user " . User_Nick_render($user_source)); |