summaryrefslogtreecommitdiff
path: root/includes/pages/admin_user.php
diff options
context:
space:
mode:
Diffstat (limited to 'includes/pages/admin_user.php')
-rw-r--r--includes/pages/admin_user.php34
1 files changed, 17 insertions, 17 deletions
diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php
index fb3283bd..56987e12 100644
--- a/includes/pages/admin_user.php
+++ b/includes/pages/admin_user.php
@@ -13,9 +13,9 @@ function admin_user() {
redirect(users_link());
}
- $id = $_REQUEST['id'];
+ $user_id = $_REQUEST['id'];
if (! isset($_REQUEST['action'])) {
- $user_source = User($id);
+ $user_source = User($user_id);
if ($user_source === false) {
engelsystem_error('Unable to load user.');
}
@@ -26,7 +26,7 @@ function admin_user() {
$html .= "Hallo,<br />" . "hier kannst du den Eintrag &auml;ndern. Unter dem Punkt 'Gekommen' " . "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " . "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " . "Wenn T-Shirt ein 'Ja' enth&auml;lt, bedeutet dies, dass der Engel " . "bereits sein T-Shirt erhalten hat.<br /><br />\n";
- $html .= "<form action=\"" . page_link_to("admin_user") . "&action=save&id=$id\" method=\"post\">\n";
+ $html .= "<form action=\"" . page_link_to("admin_user") . "&action=save&id=$user_id\" method=\"post\">\n";
$html .= "<table border=\"0\">\n";
$html .= "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n";
$html .= "<tr><td>\n";
@@ -80,7 +80,7 @@ function admin_user() {
$html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.'));
- $html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<form action=\"" . page_link_to("admin_user") . "&action=change_pw&id=$id\" method=\"post\">\n";
+ $html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<form action=\"" . page_link_to("admin_user") . "&action=change_pw&id=$user_id\" method=\"post\">\n";
$html .= "<table>\n";
$html .= " <tr><td>Passwort</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw\" value=\"\"></td></tr>\n";
$html .= " <tr><td>Wiederholung</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw2\" value=\"\"></td></tr>\n";
@@ -96,16 +96,16 @@ function admin_user() {
$my_highest_group = $my_highest_group[0]['group_id'];
}
- $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id` LIMIT 1");
+ $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id` LIMIT 1");
if (count($his_highest_group) > 0) {
$his_highest_group = $his_highest_group[0]['group_id'];
}
- if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) {
- $html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $id . "\" method=\"post\">\n";
+ if ($user_id != $user['UID'] && $my_highest_group <= $his_highest_group) {
+ $html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $user_id . "\" method=\"post\">\n";
$html .= '<table>';
- $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . "' ORDER BY `Groups`.`Name`");
+ $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($user_id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . "' ORDER BY `Groups`.`Name`");
foreach ($groups as $group) {
$html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>';
}
@@ -126,12 +126,12 @@ function admin_user() {
} else {
switch ($_REQUEST['action']) {
case 'save_groups':
- if ($id != $user['UID']) {
+ if ($user_id != $user['UID']) {
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id`");
- $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id`");
+ $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id`");
if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) {
- $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`");
+ $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($user_id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`");
$groups = [];
$grouplist = [];
foreach ($groups_source as $group) {
@@ -143,15 +143,15 @@ function admin_user() {
$_REQUEST['groups'] = [];
}
- sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'");
+ sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "'");
$user_groups_info = [];
foreach ($_REQUEST['groups'] as $group) {
if (in_array($group, $grouplist)) {
- sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($id) . "', `group_id`='" . sql_escape($group) . "'");
+ sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`='" . sql_escape($group) . "'");
$user_groups_info[] = $groups[$group]['Name'];
}
}
- $user_source = User($id);
+ $user_source = User($user_id);
engelsystem_log("Set groups of " . User_Nick_render($user_source) . " to: " . join(", ", $user_groups_info));
$html .= success("Benutzergruppen gespeichert.", true);
} else {
@@ -184,7 +184,7 @@ function admin_user() {
`force_active`= " . sql_escape($force_active) . ",
`Tshirt` = '" . sql_escape($_POST["eTshirt"]) . "',
`Hometown` = '" . sql_escape($_POST["Hometown"]) . "'
- WHERE `UID` = '" . sql_escape($id) . "'
+ WHERE `UID` = '" . sql_escape($user_id) . "'
LIMIT 1";
sql_query($SQL);
engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]);
@@ -193,8 +193,8 @@ function admin_user() {
case 'change_pw':
if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
- set_password($id, $_REQUEST['new_pw']);
- $user_source = User($id);
+ set_password($user_id, $_REQUEST['new_pw']);
+ $user_source = User($user_id);
engelsystem_log("Set new password for " . User_Nick_render($user_source));
$html .= success("Passwort neu gesetzt.", true);
} else {