{
// Output selection form with all confirmed user accounts listed
ADD_MEMBER_SELECTION_BOX();
- }
- elseif (!empty($_POST['lock']))
- {
+ } elseif (!empty($_POST['lock'])) {
// Ok, lock the account!
$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='LOCKED' WHERE userid=%d LIMIT 1",
array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1)
{
// Send an email to the user! In later version you can optionally switch this feature off
- $msg = LOAD_EMAIL_TEMPLATE("lock-user", stripslashes($_POST['reason']), $_GET['u_id']);
+ $msg = LOAD_EMAIL_TEMPLATE("lock-user", $_POST['reason'], bigintval($_GET['u_id']));
// Send away...
SEND_EMAIL($email, ADMIN_LOCKED_SUBJ, $msg);
// Prepare message
$MSG = USER_ACCOUNT_LOCKED_1.$_GET['u_id'].USER_ACCOUNT_LOCKED_2;
$ACT = true;
- }
- elseif (!empty($_POST['unlock']))
- {
+ } elseif (!empty($_POST['unlock'])) {
// Ok, unlock the account!
$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET status='CONFIRMED' WHERE userid=%d LIMIT 1",
array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1)
{
// Send an email to the user! In later version you can optionally switch this feature off
- $msg = LOAD_EMAIL_TEMPLATE("unlock-user", stripslashes($_POST['reason']), $_GET['u_id']);
+ $msg = LOAD_EMAIL_TEMPLATE("unlock-user", $_POST['reason'], bigintval($_GET['u_id']));
// Send away...
SEND_EMAIL($email, ADMIN_UNLOCKED_SUBJ, $msg);