/
manage_user_update.php3
74 lines (68 loc) · 1.98 KB
/
manage_user_update.php3
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
<?
# Mantis - a php based bugtracking system
# Copyright (C) 2000, 2001 Kenzaburo Ito - kenito@300baud.org
# This program is distributed under the terms and conditions of the GPL
# See the README and LICENSE files for details
?>
<? include( "core_API.php" ) ?>
<? login_cookie_check() ?>
<?
db_connect( $g_hostname, $g_db_username, $g_db_password, $g_database_name );
if ( !access_level_check_greater_or_equal( "administrator" ) ) {
### need to replace with access error page
header( "Location: $g_logout_page" );
exit;
}
### update action
### administrator is not allowed to change access level or enabled
### this is to prevent screwing your own account
if ( $f_protected=="on" ) {
$query = "UPDATE $g_mantis_user_table
SET username='$f_username', email='$f_email',
protected='$f_protected'
WHERE id='$f_id'";
}
else {
$query = "UPDATE $g_mantis_user_table
SET username='$f_username', email='$f_email',
access_level='$f_access_level', enabled='$f_enabled',
protected='$f_protected'
WHERE id='$f_id'";
}
$result = db_query( $query );
?>
<? print_html_top() ?>
<? print_head_top() ?>
<? print_title( $g_window_title ) ?>
<? print_css( $g_css_include_file ) ?>
<?
if ( $result ) {
print_meta_redirect( $g_manage_page, $g_wait_time );
}
?>
<? include( $g_meta_include_file ) ?>
<? print_head_bottom() ?>
<? print_body_top() ?>
<? print_header( $g_page_title ) ?>
<p>
<? print_menu( $g_menu_include_file ) ?>
<p>
<div align=center>
<?
if ( $f_protected=="on" ) {
PRINT "$s_manage_user_protected_msg<p>";
}
else if ( $result ) {
PRINT "$s_manage_user_updated_msg<p>";
}
else {
PRINT "$s_sql_error_detected <a href=\"<? echo $g_administrator_email ?>\">administrator</a><p>";
echo $query;
}
?>
<p>
<a href="<? echo $g_manage_page ?>"><? echo $s_proceed ?></a>
</div>
<? print_footer(__FILE__) ?>
<? print_body_bottom() ?>
<? print_html_bottom() ?>