} else {
// Check if you want to change your own rights or status
if ($_POST['rights_orig'] != (int) $_POST['rights'] || $_POST['status_orig'] != (int) $_POST['status']) {
if (TRUE == rights::is_login_user((int) $_POST['uid'])) {
$B->form_error = 'You can not change your own rights or status!';
}
}
// Check if you can change rights to the demanded level
if (FALSE == $B->form_error && $_POST['rights_orig'] != (int) $_POST['rights']) {
if (FALSE == rights::ask_set_rights((int) $_POST['uid'], (int) $_POST['rights'])) {
$B->form_error = 'You can not change to this rights level!';
}
}
// Check if you can change status of this user
if (FALSE == $B->form_error && $_POST['status_orig'] != (int) $_POST['status']) {
if (FALSE == rights::ask_set_status((int) $_POST['uid'])) {
$B->form_error = 'You can not change status of this user!';
}
}
// if no error occure, proceed ...
if (empty($B->form_error)) {
$B->tmp_data = array('forename' => $B->db->quoteSmart($B->util->stripSlashes($_POST['forename'])), 'lastname' => $B->db->quoteSmart($B->util->stripSlashes($_POST['lastname'])), 'email' => $B->db->quoteSmart($B->util->stripSlashes($_POST['email'])), 'rights' => (int) $_POST['rights'], 'status' => (int) $_POST['status']);
// update password if it isnt empty
if (!empty($_POST['passwd'])) {
$B->tmp_data['passwd'] == $B->db->quoteSmart(md5($_POST['passwd']));
}
// update user data
if (FALSE != $B->user->update_user((int) $_REQUEST['uid'], $B->tmp_data)) {
@header('Location: ' . SF_BASE_LOCATION . '/admin/index.php?m=USER');
exit;
} else {
