foreach ($first_names_array as $individual_name) { $initials .= trim(substr($individual_name, 0, 1)); } // Update 'users' table. $tmp_roles = $_POST['roles']; $gender = $_POST['gender']; if ($gender == '') { $gender = NULL; } $result = $mysqli->prepare("UPDATE users SET roles = ?, title = ?, initials = ?, surname = ?, grade = ?, yearofstudy = ?, username = ?, email = ?, first_names = ?, gender = ? WHERE id = ?"); $result->bind_param('sssssissssi', $tmp_roles, $_POST['title'], $initials, $_POST['surname'], $_POST['grade'], $_POST['year'], $_POST['username'], $_POST['email'], $_POST['first_names'], $gender, $userID); $result->execute(); $result->close(); // Remove from teams if 'left'. if (strtolower($tmp_roles) == 'left') { UserUtils::clear_staff_modules_by_userID($userID, $mysqli); } // Remove from admin access if role changed from Admin if ($userObject->has_role('SysAdmin')) { if ($tmp_roles != $_POST['prev_roles'] and $_POST['prev_roles'] == 'Staff,Admin') { UserUtils::clear_admin_access($userID, $mysqli); } } // Update 'sid' table; $result = $mysqli->prepare("DELETE FROM sid WHERE userID = ?"); $result->bind_param('i', $userID); $result->execute(); $result->close(); if (isset($_POST['sid']) and $_POST['sid'] != '' and $_POST['sid'] != $string['unknown']) { $result = $mysqli->prepare("INSERT INTO sid VALUES (?, ?)"); $result->bind_param('si', $_POST['sid'], $userID);
// You should have received a copy of the GNU General Public License // along with Rogō. If not, see <http://www.gnu.org/licenses/>. /** * * @author Simon Wilkinson * @version 1.0 * @copyright Copyright (c) 2014 The University of Nottingham * @package */ require_once '../include/admin_auth.inc'; require_once '../include/errors.inc'; require_once '../classes/userutils.class.php'; $userID = check_var('userID', 'REQUEST', true, false, true); if (isset($_POST['submit'])) { // Clear the team of all members. UserUtils::clear_staff_modules_by_userID($_POST['userID'], $mysqli); // Insert a record for each team member. for ($i = 0; $i < $_POST['module_no']; $i++) { if (isset($_POST["mod{$i}"]) and $_POST["mod{$i}"] != '') { UserUtils::add_staff_to_module($userID, $_POST["mod{$i}"], $mysqli); } } ?> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta http-equiv="content-type" content="text/html;charset=<?php echo $configObject->get('cfg_page_charset'); ?> " /> <title><?php