// Fix a notice
$result_main = false;
-if (isset($_GET['u_id'])) {
+if (REQUEST_ISSET_GET(('uid'))) {
// 0 1 2 3 4 5 6 7 8 9 10 11
$result_main = SQL_QUERY_ESC("SELECT gender, surname, family, street_nr, zip, city, country, email, birth_day, birth_month, birth_year, max_mails
-FROM `"._MYSQL_PREFIX."_user_data`
+FROM `{!_MYSQL_PREFIX!}_user_data`
WHERE userid=%s
LIMIT 1",
- array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
+ array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
}
-if ((SQL_NUMROWS($result_main) == 1) || (empty($_GET['u_id'])))
+if ((SQL_NUMROWS($result_main) == 1) || (!REQUEST_ISSET_GET(('uid'))))
{
// User found
- if (empty($_GET['u_id']))
+ if (!REQUEST_ISSET_GET(('uid')))
{
// Output selection form with all confirmed user accounts listed
ADD_MEMBER_SELECTION_BOX();
}
- elseif (isset($_POST['edit']))
+ elseif (REQUEST_ISSET_POST('edit'))
{
// Ok, change the account...
$PASS = false; $ADD = "";
- if ((empty($_POST['pass1'])) && (empty($_POST['pass2'])))
+ if ((!REQUEST_ISSET_POST(('pass1'))) && (!REQUEST_ISSET_POST(('pass2'))))
{
// Don't change the password
$PASS = true;
}
- elseif (($_POST['pass1'] == $_POST['pass2']))
+ elseif ((REQUEST_POST('pass1') == REQUEST_POST('pass2')))
{
// Change the password
$PASS = true;
- $ADD = ", password='".generateHash($_POST['pass1'])."'";
+ $ADD = ", password='".generateHash(REQUEST_POST('pass1'))."'";
}
if ($PASS)
{
// We have to add the following things: birthday and max receive mails
- SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_user_data` SET
gender='%s',
surname='%s',
family='%s',
".$ADD."
WHERE userid=%s LIMIT 1",
array(
- substr($_POST['gender'], 0, 1),
- $_POST['surname'],
- $_POST['family_name'],
- $_POST['street_nr'],
- $_POST['country'],
- bigintval($_POST['zip']),
- $_POST['city'],
- $_POST['email'],
- bigintval($_GET['u_id']),
+ substr(REQUEST_POST('gender'), 0, 1),
+ REQUEST_POST('surname'),
+ REQUEST_POST('family'),
+ REQUEST_POST('street_nr'),
+ REQUEST_POST('country'),
+ bigintval(REQUEST_POST('zip')),
+ REQUEST_POST('city'),
+ REQUEST_POST('email'),
+ bigintval(REQUEST_GET('uid')),
), __FILE__, __LINE__);
$content = USER_ACCOUNT_SAVED;
}
define('_COUNTRY', $country); define('_EMAIL' , $email);
// Load template
- LOAD_TEMPLATE("admin_edit_user", false, bigintval($_GET['u_id']));
+ LOAD_TEMPLATE("admin_edit_user", false, bigintval(REQUEST_GET('uid')));
}
-}
- else
-{
+} else {
// Account does not exists!
- LOAD_TEMPLATE("admin_settings_saved", false, "<div class=\"admin_failed\">".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."</div>");
+ LOAD_TEMPLATE("admin_settings_saved", false, "<div class=\"admin_failed\">".sprintf(getMessage('ADMIN_MEMBER_404'), REQUEST_GET('uid'))."</div>");
}
//