function modifySiteAdminUser($userId, $siteAdmin) { if (!isSiteAdmin()) { return FALSE; } if ($userId == $_SESSION['user']['user_id']) { return FALSE; } $userObj = loadUser($userId); if (!$userObj) { return FALSE; } if (!userIsActive($userId)) { return FALSE; } $userRoleId = getRoleId('user'); $adminRoleId = getRoleId('admin'); if ($userObj['role_id'] != $userRoleId && $userObj['role_id'] != $adminRoleId) { return FALSE; } $newRoleId = $userRoleId; if ($siteAdmin) { $newRoleId = $adminRoleId; } $updates = array('role_id' => $newRoleId); $conditions = array('user_id' => $userId); return db_update('virtual_users', $updates, $conditions); }
$pay_account = $_POST['pay_account']; $role = $_POST['role']; $ctype = $_POST['ctype']; $country = $_POST['country']; $city = $_POST['city']; if (empty($firstname) || empty($lastname) || empty($password) || empty($email) || empty($user) || empty($address)) { set_response_mes(-1, $admin_language['fieldmandatory']); $role = $_POST['role']; url_redirect(DOCROOT . "admin/reg/" . strtolower($role) . "/"); } if (empty($city) || empty($country)) { set_response_mes(-1, $admin_language['condcitymand']); $role = $_POST['role']; url_redirect(DOCROOT . "admin/reg/" . strtolower($role) . "/"); } $roleid = getRoleId($role); if (strtolower($role) == 'sa') { $shopname = htmlentities($_POST['shopname'], ENT_QUOTES); $shopaddress = htmlentities($_POST['shopaddress'], ENT_QUOTES); $lat = htmlentities($_POST['lat'], ENT_QUOTES); $lang = htmlentities($_POST['lang'], ENT_QUOTES); $shopurl = htmlentities($_POST['shopurl'], ENT_QUOTES); $queryString = "select * from coupons_shops where shopname = '{$shopname}' and shop_city = '{$city}'"; $resultSet = mysql_query($queryString); if (mysql_num_rows($resultSet) > 0) { set_response_mes(-1, $admin_language['shopnameexist']); $redirect_url = DOCROOT . 'admin/reg/sa/'; url_redirect($redirect_url); } else { $shopcreatedby = $_SESSION["userid"]; $queryString = "insert into coupons_shops (shopname,shop_address,shop_city,shop_country,shop_status,shop_latitude,shop_longitude,shop_createdby,shop_createddate,shop_url) values ('{$shopname}','{$shopaddress}','{$city}','{$country}','A','{$lat}','{$lang}','{$shopcreatedby}',now(),'{$shopurl}')";