if (!empty($POST['pass1'][$id])) $ADD = sprintf(", password='%s'", SQL_ESCAPE($hash));
// Get admin's ID
- $salt = substr(GET_ADMIN_HASH(get_session('admin_login')), 0, -40);
$aid = GET_ADMIN_ID(get_session('admin_login'));
+ $salt = substr(GET_ADMIN_HASH($aid), 0, -40);
// Rewrite cookie when it's own account
if ($aid == $id) {