示例#1
0
    $gender = $_POST['gender'];
    if ($gender == '') {
        $gender = NULL;
    }
    $result = $mysqli->prepare("UPDATE users SET roles = ?, title = ?, initials = ?, surname = ?, grade = ?, yearofstudy = ?, username = ?, email = ?, first_names = ?, gender = ? WHERE id = ?");
    $result->bind_param('sssssissssi', $tmp_roles, $_POST['title'], $initials, $_POST['surname'], $_POST['grade'], $_POST['year'], $_POST['username'], $_POST['email'], $_POST['first_names'], $gender, $userID);
    $result->execute();
    $result->close();
    // Remove from teams if 'left'.
    if (strtolower($tmp_roles) == 'left') {
        UserUtils::clear_staff_modules_by_userID($userID, $mysqli);
    }
    // Remove from admin access if role changed from Admin
    if ($userObject->has_role('SysAdmin')) {
        if ($tmp_roles != $_POST['prev_roles'] and $_POST['prev_roles'] == 'Staff,Admin') {
            UserUtils::clear_admin_access($userID, $mysqli);
        }
    }
    // Update 'sid' table;
    $result = $mysqli->prepare("DELETE FROM sid WHERE userID = ?");
    $result->bind_param('i', $userID);
    $result->execute();
    $result->close();
    if (isset($_POST['sid']) and $_POST['sid'] != '' and $_POST['sid'] != $string['unknown']) {
        $result = $mysqli->prepare("INSERT INTO sid VALUES (?, ?)");
        $result->bind_param('si', $_POST['sid'], $userID);
        $result->execute();
        $result->close();
    }
    ?>
<!DOCTYPE html>