$permissions = @$_POST['permissions']; if ($au_id > 0) { #/ encrypt password $p_string = ''; if (array_key_exists('update_acc_info', $_POST) && $_POST['update_acc_info'] == '1') { include_once '../../includes/func_enc.php'; $new_pass = (string) $_POST['new_pass']; $new_password = md5_encrypt($new_pass); $p_string = "pass_w='{$new_password}', "; } ###/ Updating Database #/ admin_users $sql_admin_users = "UPDATE admin_users SET first_name='{$_POST['first_name']}', last_name='{$_POST['last_name']}',\n email_add='{$_POST['email_add']}', {$p_string} is_active='{$is_active}'\n WHERE id='{$au_id}'"; mysql_exec($sql_admin_users, 'save'); #/ admin_permissions update_permissions($au_id, $permissions); #- //die(mysql_error()); $_SESSION["CUSA_ADMIN_MSG_GLOBAL"] = array(true, 'The Admin User data successfully Updated'); reset_attempt_counts(); redirect_me("{$consts['DOC_ROOT_ADMIN']}admin_users_opp.php{$param2}&au_id={$au_id}", true); ////////////////------- } else { ////////////////------- #/ encrypt password include_once '../../includes/func_enc.php'; $new_pass = (string) $_POST['new_pass']; $new_password = md5_encrypt($new_pass); ###/ Updating Database #/ admin_users $sql_admin_users = "insert into admin_users\n \t(email_add, first_name, last_name, is_active, pass_w, added_on)\n \tvalues('{$_POST['email_add']}', '{$_POST['first_name']}', '{$_POST['last_name']}', '{$is_active}', '{$new_password}', now())";
} if (isset($_POST['SET_ASSIGN_x'])) { if ($our_permission != "ASSIGN" && $our_permission != "ALL") { $system_message = $system_message . "You do not have sufficient permission to set this permission<BR>"; return FALSE; } $query = $query . "permission='ASSIGN' WHERE student_id={$student_id} AND " . $user_list; } $result = mysql_query($query); if (!$result) { $error_message = "Database query failed (" . __FILE__ . ":" . __LINE__ . "): " . mysql_error() . "<BR>Query: '{$query}'<BR>"; $system_message = $system_message . $error_message; } } if (isset($_POST['SET_ASSIGN_x']) || isset($_POST['SET_WRITE_x']) || isset($_POST['SET_READ_x']) || isset($_POST['SET_ALL_x']) || isset($_POST['DELETE_x'])) { update_permissions(); } if (!isset($_GET['iLimit'])) { $iLimit = 10; } else { $iLimit = $_GET['iLimit']; } if (!isset($_GET['iCur'])) { $iCur = 0; } else { $iCur = $_GET['iCur']; } $student_query = "select * from student where student.student_id=" . $student_id; $student_result = mysql_query($student_query); if (!$student_query) { $error_message = $error_message . "Database query failed (" . __FILE__ . ":" . __LINE__ . "): " . mysql_error() . "<BR>Query: '{$student_query}'<BR>";