} else { if (isset($_POST['name']) && isset($_POST['email']) && isset($_POST['points']) && (!$GLOBALS['me']->is_admin || isset($_POST['privileges']) && in_array($_POST['privileges'], array(0, 1, 2)))) { if (actions::edit_user($_GET['id'], array('name' => $_POST['name'], 'email' => $_POST['email'], 'points' => $_POST['points'], 'credits' => $GLOBALS['me']->is_admin && isset($_POST['credits']) ? $_POST['credits'] : $info->credits, 'privileges' => $GLOBALS['me']->is_admin ? $_POST['privileges'] : $info->privileges, 'erole' => $GLOBALS['me']->is_admin && isset($_POST['erole']) && (int) $_POST['privileges'] === 1 ? $_POST['erole'] : $info->erole, 'subscriber' => isset($_POST['subscriber']) ? 1 : 0, 'confirm' => isset($_POST['confirm']) ? 1 : 0))) { $info = \query\main::user_infos($_GET['id']); echo '<div class="a-success">' . $LANG['msg_saved'] . '</div>'; } else { echo '<div class="a-error">' . $LANG['msg_error'] . '</div>'; } } } } } else { if (isset($_GET['type']) && isset($_GET['token']) && check_csrf($_GET['token'], 'users_csrf')) { if ($_GET['type'] == 'delete_avatar') { if (isset($_GET['id'])) { if (actions::delete_user_avatar($_GET['id'])) { $info->avatar = ''; echo '<div class="a-success">' . $LANG['msg_deleted'] . '</div>'; } else { echo '<div class="a-error">' . $LANG['msg_error'] . '</div>'; } } } } } $_SESSION['users_csrf'] = $csrf; echo '<div class="form-table"> <form action="#" method="POST" enctype="multipart/form-data"> <div class="row"><span>' . $LANG['form_name'] . ':</span><div><input type="text" name="name" value="' . $info->name . '" /></div></div>