Esempio n. 1
0
    }
    if (isset($_SESSION['superadmin']) || isset($_SESSION['admin']) && 2 > intval(getUserDataByID($id)['status'])) {
        disableAcc($id);
    } else {
        die("error");
    }
}
if (isset($_POST['theme']) && isset($_POST['themename'])) {
    $themename = mysql_html($_POST['themename']);
    writeStyleToPreferences($_SESSION['uid'], $themename);
}
if (isset($_POST['sidebar']) && isset($_POST['collapse']) && isset($_POST['sfloat']) && isset($_POST['hover']) && isset($_POST['scrollbar'])) {
    $collapse = mysql_html($_POST['collapse']);
    $sfloat = mysql_html($_POST['sfloat']);
    $hover = mysql_html($_POST['hover']);
    $scrollbar = mysql_html($_POST['scrollbar']);
    writeSidebarToPreferences($_SESSION['uid'], $collapse, $sfloat, $hover, $scrollbar);
}
if (isset($_POST['editUser']) && isset($_POST['id']) && isset($_POST['origin']) && isset($_POST['status'])) {
    editUserData();
}
function editUserData()
{
    $id = intval($_POST['id']);
    if ($id == 0) {
        die("error");
    }
    $origin = intval($_POST['origin']);
    $status = intval($_POST['status']);
    $getmail = $_POST['getmail'] === "true" ? 1 : 0;
    if (isset($_SESSION['superadmin']) || isset($_SESSION['admin']) && getUserStatus($id) < 2 && $status < 2) {
Esempio n. 2
0
function editUser($id, $origin, $status, $username = null, $password = null, $email = null, $fullname = null, $getmail = 1)
{
    global $mysql;
    if ($origin == 1) {
        $query = "UPDATE 1fx_users SET status={$status}, prefer_email={$getmail} WHERE user_id={$id} AND origin={$origin}";
        mysqli_query($mysql, $query);
    } else {
        $username = mysql_html($username);
        $fullname = mysql_html($fullname);
        $email = mysql_html($email);
        $query = "";
        if (strlen(trim($password)) == 0) {
            $query = "UPDATE 1fx_users SET prefer_email={$getmail}, username='******', fullname='{$fullname}', email='{$email}', status={$status} WHERE user_id={$id} AND origin={$origin}";
        } else {
            $password = password_hash(mysql_html($password), PASSWORD_DEFAULT);
            $query = "UPDATE 1fx_users SET prefer_email={$getmail}, username='******', password='******', fullname='{$fullname}', email='{$email}', status={$status} WHERE user_id={$id} AND origin={$origin}";
        }
        $result = mysqli_query($mysql, $query);
        if (!$result) {
            die("error");
        }
    }
}