Esempio n. 1
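/**
 * Handles a POST request that deletes one vehicle.
 *
 * Reads `vehicleID` from the request body, removes the vehicle from any
 * events via deleteVehicleFromEvents(), deletes its row from `vehicles`,
 * then hands control to exitVehicleScript().
 *
 * NOTE(review): no session, ownership or anti-CSRF check is visible in this
 * function. Confirm the caller establishes that the requester is allowed to
 * delete this particular vehicle before this runs.
 */
function deleteVehiclePOST()
{
    // A missing or array-valued parameter cannot name a vehicle; skip the
    // deletes instead of running them against an empty or bogus key.
    if (!isset($_POST['vehicleID']) || !is_string($_POST['vehicleID'])) {
        exitVehicleScript();
        return;
    }
    $vehicleID = $_POST['vehicleID'];

    // NOTE(review): the helper receives the raw request value. Its body is
    // not visible here; verify it escapes or binds the ID before using it in SQL.
    deleteVehicleFromEvents($vehicleID);

    // The ID comes straight from the client, so escape it before it is placed
    // inside the quoted SQL literal. Bound parameters (PDO/mysqli) would be
    // the preferred fix once the file moves off the legacy mysql_* API.
    $safeVehicleID = mysql_real_escape_string($vehicleID);
    mysql_query("DELETE FROM vehicles WHERE vehicleID = '{$safeVehicleID}'");

    exitVehicleScript();
}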
Esempio n. 2
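/**
 * Admin page: shows, edits or deletes another (non-admin) user's record.
 *
 * Flow as visible in this function:
 *  1. Looks up the requesting account from the 'ID' cookie and dies unless
 *     its `admin` column is 1.
 *  2. Looks up the target user named by the `USER` query parameter and dies
 *     if that user is an admin.
 *  3. On `submitEdit`, escapes the posted profile fields, derives the member
 *     type from the stored type and the posted club, and updates the row.
 *  4. On `submitDelete`, removes the user's vehicles (and their event
 *     entries) and then the user row.
 *  5. Otherwise renders the edit form via displayUserInfoForm().
 *
 * NOTE(review): several WHERE clauses below contain the literal '******'.
 * That looks like masking applied to this listing, not the real code; they
 * are reproduced unchanged. Whatever value is interpolated there in the real
 * file needs the same escaping (or, better, bound parameters) as the rest.
 *
 * NOTE(review): the admin check trusts a cookie matched against the
 * `sha256_user` column. If that value is only a hash of the username it is
 * predictable and works as a forgeable credential; confirm it is tied to a
 * server-side session. No anti-CSRF token check is visible for the edit and
 * delete actions either.
 */
function adminDisplayUserInfoPage()
{
    $hashUsername = getCookie('ID');
    // NOTE(review): die(mysql_error()) sends raw database errors to the
    // client; consider logging them and showing a generic message instead.
    $check = mysql_query("SELECT * FROM users WHERE sha256_user = '******'") or die(mysql_error());
    $info = mysql_fetch_array($check);
    // Fails closed: a missing row yields a null 'admin' value, which is not 1.
    if ($info['admin'] != 1) {
        die("ERROR: You are not an admin.");
    }

    // The target user name is attacker-controllable request data.
    $username = (isset($_GET['USER']) && is_string($_GET['USER'])) ? $_GET['USER'] : '';
    // Escaped copy for every place the name is embedded in a quoted SQL literal.
    $safeUsername = mysql_real_escape_string($username);

    $check = mysql_query("SELECT * FROM users WHERE username = '******'") or die(mysql_error());
    while ($info = mysql_fetch_array($check)) {
        if ($info['admin'] == 1) {
            die("ERROR: Not allowed to edit admin info");
        }
        if (isset($_POST['submitEdit'])) {
            $storedMemberType = $info['member'];
            // mysql_real_escape_string() is connection/charset aware;
            // addslashes() is not and can be bypassed with some multibyte
            // character sets.
            $postFname = mysql_real_escape_string($_POST['firstName']);
            $postLname = mysql_real_escape_string($_POST['lastName']);
            $postAddr1 = mysql_real_escape_string($_POST['address1']);
            $postAddr2 = mysql_real_escape_string($_POST['address2']);
            $postCity = mysql_real_escape_string($_POST['city']);
            $postState = mysql_real_escape_string($_POST['state']);
            $postZip = mysql_real_escape_string($_POST['zipCode']);
            $postHphone = mysql_real_escape_string($_POST['homePhone']);
            $postCphone = mysql_real_escape_string($_POST['cellPhone']);
            $postEmail = mysql_real_escape_string($_POST['email']);
            $postEcontact = mysql_real_escape_string($_POST['eContact']);
            $postEcPhone = mysql_real_escape_string($_POST['eContactPhone']);
            $postEcRel = mysql_real_escape_string($_POST['eContactRel']);
            $postClub = mysql_real_escape_string($_POST['club']);

            // Default to the stored type so an unrecognised stored value no
            // longer leaves $postMemberType undefined (which would have written
            // an empty string into the `member` column).
            $postMemberType = (int) $storedMemberType;
            if ($storedMemberType == 0 || $storedMemberType == 2 || $storedMemberType == 3) {
                // The member type follows the posted club for these stored types.
                if ($postClub == "SCCNH") {
                    $postMemberType = 2;
                } else {
                    if ($postClub == "None") {
                        $postMemberType = 0;
                    } else {
                        $postMemberType = 3;
                    }
                }
                // Partner-member
            } else {
                if ($storedMemberType == 1) {
                    // Stored type 1 is pinned: the posted club is ignored.
                    $postClub = "SCCNH";
                    $postMemberType = 1;
                    // SCCNH member (registered on-line)
                }
            }
            // now we insert it into the database
            $update = "UPDATE users SET \n                        fname='{$postFname}', \n                        lname='{$postLname}', \n                        addr1='{$postAddr1}', \n                        addr2='{$postAddr2}', \n                        city='{$postCity}', \n                        state='{$postState}', \n                        zip='{$postZip}', \n                        hphone='{$postHphone}',\n                        cphone='{$postCphone}',\n                        email='{$postEmail}',\n                        econtact='{$postEcontact}',\n                        econtact_phone='{$postEcPhone}',\n                        econtact_rel='{$postEcRel}',\n                        member='{$postMemberType}',\n                        club='{$postClub}'\n                 WHERE username='******'";
            // NOTE(review): the result of the UPDATE is not checked.
            mysql_query($update);
            $check2 = mysql_query("SELECT * FROM users WHERE username = '******'") or die(mysql_error());
            $info2 = mysql_fetch_array($check2);
            if ($info2 && !isUserInfoComplete($info2)) {
                mysql_close();
                die("Required user info not complete. Please <a href=\"userinfo.php\">go back</a> to continue.</html>");
            } else {
                mysql_close();
                //  echo "Saved?".$update."!";
                // below lines must be html commented when working outside of php system or it will be interpreted and executed
                // reload the admin/user screen.
                echo "<script type=\"text/javascript\">parent.main_setBodyFrame('admin_users.php');\n";
                // return to the user screen.
                echo "parent.main_popupWindowCancel();</script></body></html>";
            }
        } else {
            if (isset($_POST['submitDelete'])) {
                // check for vehicles first...
                // Uses the escaped name: the original interpolated the raw
                // query-string value into this statement.
                $vehcheck = mysql_query("SELECT * FROM vehicles WHERE userOwner = '{$safeUsername}'") or die(mysql_error());
                while ($vehinfo = mysql_fetch_assoc($vehcheck)) {
                    $qVehID = $vehinfo['vehicleID'];
                    // first delete the owners vehicles from any events
                    deleteVehicleFromEvents($qVehID);
                    // then delete the vehicle. Stored values are escaped too,
                    // so data written earlier cannot break out of the literal.
                    $safeVehID = mysql_real_escape_string($qVehID);
                    mysql_query("DELETE FROM vehicles WHERE vehicleID = '{$safeVehID}'");
                }
                // now delete the user
                mysql_query("DELETE FROM users WHERE username = '******'");
                mysql_close();
                // below lines must be html commented when working outside of php system or it will be interpreted and executed
                // reload the admin/user screen.
                echo "<script type=\"text/javascript\">parent.main_setBodyFrame('admin_users.php');\n";
                // return to the user screen.
                echo "parent.main_popupWindowCancel();</script></body></html>";
            } else {
                displayUserInfoForm($info);
            }
        }
    }
}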