From 91dafb19ec171e747d9976cf738606759bde3aae Mon Sep 17 00:00:00 2001 From: msquare Date: Thu, 29 Sep 2016 10:53:17 +0200 Subject: prohibit inline control structures on pages --- includes/pages/admin_user.php | 41 ++++++++++++++++++++++++----------------- 1 file changed, 24 insertions(+), 17 deletions(-) (limited to 'includes/pages/admin_user.php') diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php index 516bd1e4..fb3283bd 100644 --- a/includes/pages/admin_user.php +++ b/includes/pages/admin_user.php @@ -9,14 +9,16 @@ function admin_user() { $html = ''; - if (! isset($_REQUEST['id'])) + if (! isset($_REQUEST['id'])) { redirect(users_link()); + } $id = $_REQUEST['id']; if (! isset($_REQUEST['action'])) { $user_source = User($id); - if ($user_source === false) + if ($user_source === false) { engelsystem_error('Unable to load user.'); + } if ($user_source == null) { error(_('This user does not exist.')); redirect(users_link()); @@ -42,10 +44,10 @@ function admin_user() { $html .= " jabber" . "\n"; $html .= " Size" . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . "\n"; - $options = array( - '1' => "Yes", - '0' => "No" - ); + $options = [ + '1' => _("Yes"), + '0' => _("No") + ]; // Gekommen? $html .= " Gekommen\n"; @@ -90,20 +92,23 @@ function admin_user() { $html .= "
"; $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id` LIMIT 1"); - if (count($my_highest_group) > 0) + if (count($my_highest_group) > 0) { $my_highest_group = $my_highest_group[0]['group_id']; + } $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id` LIMIT 1"); - if (count($his_highest_group) > 0) + if (count($his_highest_group) > 0) { $his_highest_group = $his_highest_group[0]['group_id']; + } if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) { $html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:
\n"; $html .= ''; $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . "' ORDER BY `Groups`.`Name`"); - foreach ($groups as $group) + foreach ($groups as $group) { $html .= ''; + } $html .= '
' . $group['Name'] . '
'; @@ -127,18 +132,19 @@ function admin_user() { if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) { $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`"); - $groups = array(); - $grouplist = array(); + $groups = []; + $grouplist = []; foreach ($groups_source as $group) { $groups[$group['UID']] = $group; $grouplist[] = $group['UID']; } - if (! is_array($_REQUEST['groups'])) - $_REQUEST['groups'] = array(); + if (! is_array($_REQUEST['groups'])) { + $_REQUEST['groups'] = []; + } sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'"); - $user_groups_info = array(); + $user_groups_info = []; foreach ($_REQUEST['groups'] as $group) { if (in_array($group, $grouplist)) { sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($id) . "', `group_id`='" . sql_escape($group) . "'"); @@ -158,8 +164,9 @@ function admin_user() { case 'save': $force_active = $user['force_active']; - if (in_array('admin_active', $privileges)) + if (in_array('admin_active', $privileges)) { $force_active = $_REQUEST['force_active']; + } $SQL = "UPDATE `User` SET `Nick` = '" . sql_escape($_POST["eNick"]) . "', `Name` = '" . sql_escape($_POST["eName"]) . "', @@ -197,8 +204,8 @@ function admin_user() { } } - return page_with_title(_('Edit user'), array( + return page_with_title(_("Edit user"), [ $html - )); + ]); } ?> -- cgit v1.2.3-54-g00ecf
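Review bot: In the `-90,20 +92,23` hunk the permission test `$my_highest_group <= $his_highest_group` compares values whose type depends on the two `count(...) > 0` branches above it. When a query returns no rows the variable stays an array, so the comparison is between a `group_id` and an empty array, and its outcome follows PHP's mixed-type ordering rather than group rank. Keeping the result set and the rank in separate variables, e.g. `$his_rank = count($rows) > 0 ? $rows[0]['group_id'] : null;`, and handling the no-group case explicitly would make the rule auditable. As far as the extracted text shows, `$group['Name']` is also concatenated into `$html` unescaped; unless group names are escaped elsewhere it should go through `htmlspecialchars()`. The body of admin_user() starts and ends outside this hunk.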
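Review bot: In the `-127,18 +132,19` hunk the allow-list test `in_array($group, $grouplist)` uses loose comparison on request-supplied values, so a value only has to compare equal to an allowed `UID` under type juggling before it is written to `UserGroups`. Normalise both sides to one type and pass the strict flag, `in_array($group, $grouplist, true)`. The guard `is_array($_REQUEST['groups'])` reads the key without `isset`, so a submission with no boxes ticked raises an undefined-index notice; `if (! isset($_REQUEST['groups']) || ! is_array($_REQUEST['groups'])) {` avoids that. The `DELETE` followed by per-row `INSERT` is not visibly wrapped in a transaction, so a failure midway would leave the user with no groups. Because the action reads `$_REQUEST`, it is worth confirming outside this hunk that it is reachable only by POST with an anti-CSRF token.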
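Review bot: In the `-158,8 +164,9` hunk `$force_active = $_REQUEST['force_active'];` takes the value straight from the request with no `isset` check and no normalisation, while the fields below it read `$_POST` and go through `sql_escape()`. The rest of the `UPDATE` statement is outside this hunk, so whether `$force_active` is escaped there cannot be seen. Constraining it at assignment removes the question, e.g. `$force_active = ! empty($_POST['force_active']) ? 1 : 0;` if the column is a flag. The privilege test would also be safer with the strict flag, `in_array('admin_active', $privileges, true)`.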