Complete rewrite of and , wrapper functions added, see bug #101

[mailer.git] / inc / modules / admin / what-edit_user.php

diff --git a/inc/modules/admin/what-edit_user.php b/inc/modules/admin/what-edit_user.php
index 726707009f722baf5276923776ed5643758f75f5..3934d67c65a60a0b9fb1e9cd7ee56467feb3aee0 100644 (file)
--- a/inc/modules/admin/what-edit_user.php
+++ b/inc/modules/admin/what-edit_user.php
@@ -42,37 +42,37 @@ ADD_DESCR("admin", __FILE__);
 
 // Fix a notice
 $result_main = false;
-if (isset($_GET['u_id'])) {
+if (REQUEST_ISSET_GET(('uid'))) {
        //                                    0      1        2         3      4     5      6       7         8          9           10         11
        $result_main = SQL_QUERY_ESC("SELECT gender, surname, family, street_nr, zip, city, country, email, birth_day, birth_month, birth_year, max_mails
 FROM `{!_MYSQL_PREFIX!}_user_data`
 WHERE userid=%s
 LIMIT 1",
-               array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
+               array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__);
 }
 
-if ((SQL_NUMROWS($result_main) == 1) || (empty($_GET['u_id'])))
+if ((SQL_NUMROWS($result_main) == 1) || (!REQUEST_ISSET_GET(('uid'))))
 {
        // User found
-       if (empty($_GET['u_id']))
+       if (!REQUEST_ISSET_GET(('uid')))
        {
                // Output selection form with all confirmed user accounts listed
                ADD_MEMBER_SELECTION_BOX();
        }
-        elseif (isset($_POST['edit']))
+        elseif (REQUEST_ISSET_POST(('edit')))
        {
                // Ok, change the account...
                $PASS = false; $ADD = "";
-               if ((empty($_POST['pass1'])) && (empty($_POST['pass2'])))
+               if ((!REQUEST_ISSET_POST(('pass1'))) && (!REQUEST_ISSET_POST(('pass2'))))
                {
                        // Don't change the password
                        $PASS = true;
                }
-                elseif (($_POST['pass1'] == $_POST['pass2']))
+                elseif ((REQUEST_POST('pass1') == REQUEST_POST('pass2')))
                {
                        // Change the password
                        $PASS = true;
-                       $ADD = ", password='".generateHash($_POST['pass1'])."'";
+                       $ADD = ", password='".generateHash(REQUEST_POST('pass1'))."'";
                }
                if ($PASS)
                {
@@ -89,15 +89,15 @@ email='%s'
 ".$ADD."
 WHERE userid=%s LIMIT 1",
  array(
-       substr($_POST['gender'], 0, 1),
-       $_POST['surname'],
-       $_POST['family_name'],
-       $_POST['street_nr'],
-       $_POST['country'],
-       bigintval($_POST['zip']),
-       $_POST['city'],
-       $_POST['email'],
-       bigintval($_GET['u_id']),
+       substr(REQUEST_POST('gender'), 0, 1),
+       REQUEST_POST('surname'),
+       REQUEST_POST('family'),
+       REQUEST_POST('street_nr'),
+       REQUEST_POST('country'),
+       bigintval(REQUEST_POST('zip')),
+       REQUEST_POST('city'),
+       REQUEST_POST('email'),
+       bigintval(REQUEST_GET('uid')),
 ), __FILE__, __LINE__);
                        $content = USER_ACCOUNT_SAVED;
                }
@@ -143,11 +143,11 @@ WHERE userid=%s LIMIT 1",
                define('_COUNTRY', $country); define('_EMAIL' , $email);
 
                // Load template
-               LOAD_TEMPLATE("admin_edit_user", false, bigintval($_GET['u_id']));
+               LOAD_TEMPLATE("admin_edit_user", false, bigintval(REQUEST_GET('uid')));
        }
 } else {
        // Account does not exists!
-       LOAD_TEMPLATE("admin_settings_saved", false, "<div class=\"admin_failed\">".sprintf(getMessage('ADMIN_MEMBER_404'), $_GET['u_id'])."</div>");
+       LOAD_TEMPLATE("admin_settings_saved", false, "<div class=\"admin_failed\">".sprintf(getMessage('ADMIN_MEMBER_404'), REQUEST_GET('uid'))."</div>");
 }
 
 //