X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-lock_user.php;h=d31d1e7c1c68e4b3da96eef71727f5b06bd8e798;hb=49654afc3fc819c4a9e65be2d870782f5e33e60d;hp=d2e1fd48fbb58368cb36371178fa95415372f4ff;hpb=75ad748a68473ace540251427a74fb781b1145e9;p=mailer.git
diff --git a/inc/modules/admin/what-lock_user.php b/inc/modules/admin/what-lock_user.php
index d2e1fd48fb..d31d1e7c1c 100644
--- a/inc/modules/admin/what-lock_user.php
+++ b/inc/modules/admin/what-lock_user.php
@@ -44,7 +44,7 @@ ADD_DESCR("admin", basename(__FILE__));
OPEN_TABLE("100%", "admin_content admin_content_align", "");
if (!empty($_GET['u_id']))
{
- $result_user = SQL_QUERY_ESC("SELECT status, sex, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result_user = SQL_QUERY_ESC("SELECT status, sex, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
$ACT = false;
if (SQL_NUMROWS($result_user) == 1)
@@ -56,16 +56,14 @@ if (!empty($_GET['u_id']))
{
// Output selection form with all confirmed user accounts listed
ADD_MEMBER_SELECTION_BOX();
- }
- elseif (!empty($_POST['lock']))
- {
+ } elseif (!empty($_POST['lock'])) {
// Ok, lock the account!
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='LOCKED' WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='LOCKED' WHERE userid=%s LIMIT 1",
array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1)
{
// Send an email to the user! In later version you can optionally switch this feature off
- $msg = LOAD_EMAIL_TEMPLATE("lock-user", stripslashes($_POST['reason']), $_GET['u_id']);
+ $msg = LOAD_EMAIL_TEMPLATE("lock-user", $_POST['reason'], bigintval($_GET['u_id']));
// Send away...
SEND_EMAIL($email, ADMIN_LOCKED_SUBJ, $msg);
@@ -74,16 +72,14 @@ if (!empty($_GET['u_id']))
// Prepare message
$MSG = USER_ACCOUNT_LOCKED_1.$_GET['u_id'].USER_ACCOUNT_LOCKED_2;
$ACT = true;
- }
- elseif (!empty($_POST['unlock']))
- {
+ } elseif (!empty($_POST['unlock'])) {
// Ok, unlock the account!
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='CONFIRMED' WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='CONFIRMED' WHERE userid=%s LIMIT 1",
array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1)
{
// Send an email to the user! In later version you can optionally switch this feature off
- $msg = LOAD_EMAIL_TEMPLATE("unlock-user", stripslashes($_POST['reason']), $_GET['u_id']);
+ $msg = LOAD_EMAIL_TEMPLATE("unlock-user", $_POST['reason'], bigintval($_GET['u_id']));
// Send away...
SEND_EMAIL($email, ADMIN_UNLOCKED_SUBJ, $msg);
@@ -110,7 +106,7 @@ if (!empty($_GET['u_id']))
}
else
{
- $result = SQL_QUERY_ESC("SELECT email, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT email, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1)
{
@@ -155,7 +151,7 @@ if (!empty($_GET['u_id']))
else
{
// Account does not exists!
- OUTPUT_HTML ("".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."");
+ OUTPUT_HTML("".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."");
}
}
if (!empty($URL))
@@ -179,7 +175,7 @@ if (!empty($_GET['u_id']))
else
{
// Account does not exists!
- OUTPUT_HTML ("".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."");
+ OUTPUT_HTML("".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2."");
}
}
else