function generate_authlog_where($vars) { $sql = ''; // Build query foreach ($vars as $var => $value) { switch ($var) { case "user_id": if ($value == '') { continue; } $value = auth_username_by_id($value); //break; //break; case "user": case "username": if ($value == '') { continue; } $sql .= generate_query_values($value, 'user'); break; case "address": case "ip": if ($value == '') { continue; } $sql .= generate_query_values($value, 'address', '%LIKE%'); break; case "useragent": case "user_agent": $sql .= generate_query_values($value, 'user_agent', '%LIKE%'); break; case "result": //case "action": $sql .= generate_query_values($value, 'result', 'LIKE%'); break; } } if (strlen($sql)) { $sql = ' WHERE 1' . $sql; } else { if ($_SESSION['userlevel'] != 10) { // Complete hide for non-priveleged users $sql = ' WHERE 0'; } } return $sql; }
} if (count($update_array)) { $status = dbUpdate($update_array, 'users', '`user_id` = ?', array($vars['user_id'])); } if ($status) { print_success("User Info Changed."); } else { print_error("User Info not changed."); } } break; } if ($status) { // Reload user info //$user_data = dbFetchRow("SELECT * FROM `users` WHERE `user_id` = ?", array($vars['user_id'])); $user_data['username'] = auth_username_by_id($vars['user_id']); $user_data = auth_user_info($user_data['username']); $user_data['level'] = auth_user_level($user_data['username']); humanize_user($user_data); // Get level_label, level_real, label_class, row_class, etc } } // FIXME broken PoS code. /* if ($vars['action'] == "becomeuser") { $_SESSION['origusername'] = $_SESSION['username']; $_SESSION['username'] = $user_data['username']; header('Location: '.$config['base_url']); dbInsert(array('user' => $_SESSION['origusername'], 'address' => $_SERVER["REMOTE_ADDR"], 'result' => 'Became ' . $_SESSION['username']), 'authlog');