X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-del_user.php;h=08ea5c04e9e48bd7df41c1c7d40f4cf3b5d41c06;hp=f95a9035ea2ac8ee5366c1276e91d2043807321f;hb=d8148e3f1f3a6762b2e786dbe99ada269dcf2ea0;hpb=6032b7018b83778f1592383238f4e0d28f718622 diff --git a/inc/modules/admin/what-del_user.php b/inc/modules/admin/what-del_user.php index f95a9035ea..08ea5c04e9 100644 --- a/inc/modules/admin/what-del_user.php +++ b/inc/modules/admin/what-del_user.php @@ -32,41 +32,40 @@ ************************************************************************/ // Some security stuff... -if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) -{ +if ((!defined('__SECURITY')) || (!IS_ADMIN())) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } // Display only title when no form was submitted -ADD_DESCR("admin", basename(__FILE__)); +ADD_DESCR("admin", __FILE__); // User exists.. -if ((isset($_POST['ok'])) || ((isset($_POST['del'])) && (!empty($_POST['reason'])))) { +if ((IS_FORM_SENT()) || ((REQUEST_ISSET_POST(('del'))) && (REQUEST_ISSET_POST(('reason'))))) { // Delete users account - $result_user = SQL_QUERY_ESC("SELECT userid FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array(bigintval($_GET['u_id'])), __FILE__, __LINE__); + $result_user = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__); if (SQL_NUMROWS($result_user) == 1) { // Free memory - SQL_FREERESULT($result); + SQL_FREERESULT($result_user); // Delete user account - DELETE_USER_ACCOUNT(bigintval($_GET['u_id']), $_POST['reason']); - OUTPUT_HTML("".ADMIN_DEL_COMPLETED.""); + DELETE_USER_ACCOUNT(bigintval(REQUEST_GET('uid')), REQUEST_POST('reason')); + LOAD_TEMPLATE("admin_settings_saved", false, "
".ADMIN_DEL_COMPLETED."
"); } else { // Account does not exists! - OUTPUT_HTML("".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2.""); + LOAD_TEMPLATE("admin_settings_saved", false, "
".sprintf(getMessage('ADMIN_MEMBER_404'), REQUEST_GET('uid'))."
"); } -} elseif (!empty($_POST['no'])) { +} elseif (REQUEST_ISSET_POST(('no'))) { // Do not delete him... - LOAD_URL("modules.php?module=admin&what=list_user&u_id=".$_GET['u_id']); -} elseif (empty($_GET['u_id'])) { + LOAD_URL("modules.php?module=admin&what=list_user&uid=".REQUEST_GET('uid')); +} elseif (!REQUEST_ISSET_GET(('uid'))) { // Output selection form with all confirmed user accounts listed ADD_MEMBER_SELECTION_BOX(); } else { // Realy want to delete? - $result = SQL_QUERY_ESC("SELECT email, surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1", - array(bigintval($_GET['u_id'])), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT email, surname, family FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1", + array(bigintval(REQUEST_GET('uid'))), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Load data list ($email, $sname, $fname) = SQL_FETCHROW($result); @@ -76,13 +75,13 @@ if ((isset($_POST['ok'])) || ((isset($_POST['del'])) && (!empty($_POST['reason'] define('__EMAIL', CREATE_EMAIL_LINK($email, "user_data")); define('__SNAME', $sname); define('__FNAME', $fname); - define('__UID' , $_GET['u_id']); + define('__UID' , REQUEST_GET('uid')); // Display form LOAD_TEMPLATE("admin_del_user"); } else { // Account does not exists! - OUTPUT_HTML("".ADMIN_MEMBER_404_1.$_GET['u_id'].ADMIN_MEMBER_404_2.""); + LOAD_TEMPLATE("admin_settings_saved", false, "
".sprintf(getMessage('ADMIN_MEMBER_404'), REQUEST_GET('uid'))."
"); } }