Ejemplo n.º 1
0
        header('Location: ' . html_entity_decode(get_user_uri($current_user->user_login)));
        die;
    } else {
        header('Location: ' . $globals['base_url']);
        die;
    }
}
$uid = $_REQUEST['uid'];
// Should be clean before
$user = new User();
if ($current_user->admin) {
    // Check if it's used UID
    if ($uid) {
        $user->id = $uid;
    } else {
        redirect(html_entity_decode(get_user_uri_by_uid($login, $_REQUEST['view'])));
        die;
    }
} else {
    if ($uid > 0) {
        // Avoid anonymous and non admins users to use the id, it's a "duplicated" page
        redirect(html_entity_decode(get_user_uri($login, $_REQUEST['view'])));
        die;
    }
    $user->username = $login;
}
if (!$user->read()) {
    do_error(_('usuario inexistente'), 404);
}
$login = $user->username;
// Just in case, we user the database username
Ejemplo n.º 2
0
		header('Location: '.$globals['base_url']);
		die;
	}
}


$uid = $_REQUEST['uid']; // Should be clean before

$user=new User();

if ($current_user->admin) {
		// Check if it's used UID
		if($uid) {
			$user->id = $uid;
		} else {
			header('Location: ' . html_entity_decode(get_user_uri_by_uid($login, $_REQUEST['view'])));
			die;
		}
} else {
		if($uid > 0) {
			// Avoid anonymous and non admins users to use the id, it's a "duplicated" page
			header('Location: ' . html_entity_decode(get_user_uri($login, $_REQUEST['view'])));
			die;
		}
		$user->username = $login;
}

if(!$user->read()) {
	do_error(_('usuario inexistente'), 404);
}
$login = $user->username; // Just in case, we user the database username