diff --git a/edituser.php b/edituser.php index 0c45eac..78b8c36 100644 --- a/edituser.php +++ b/edituser.php @@ -1,55 +1,116 @@ link); + if(!$result) + { + errorpage("You must be logged in to edit preferences"); + exit; + } + list($user->stamp, $user->userid, $user->username, $user->realname, + $user->created, $status, $perm) = mysql_fetch_row($result); -apidb_header("Edit User"); - -$t = new TableVE("edit"); + global $ext_username, $ext_password1, $ext_password2, $ext_realname, $ext_email, $ext_hasadmin; if($HTTP_POST_VARS) { - $t->update($HTTP_POST_VARS); -} -else -{ - $qc = new qclass(); - $qc->add_fields(make_fields($user_fields, "user_list")); - if($username) - $qc->add_where("username = '$username'"); + if ($ext_password == $ext_password2) + { + $passwd = $ext_password; + } + else if ($ext_password) + { + addmsg("The Passwords you entered did not match.", "red"); + } + + if ($user->update($userid, $passwd, $ext_realname, $ext_email)) + { + addmsg("Preferences Updated", "green"); + } else - $qc->add_where("userid = $userid"); - $qc->resolve(); + { + addmsg("There was a problem updating the user's info", "red"); + } + if($ext_hasadmin=="on") + $user->addpriv("admin"); + else + $user->delpriv("admin"); +} - $query = $qc->get_query(); +{ + // show form - if(debugging()) - echo "$query

\n"; - $t->edit($query); + apidb_header("Edit User"); + + echo "
\n"; + echo html_frame_start("Data for user ID $userid", "80%"); + echo html_table_begin("width='100%' border=0 align=left cellspacing=0 class='box-body'"); + + + + $ext_username = $user->lookup_username($userid); + $ext_realname = $user->lookup_realname($userid); + $ext_email = $user->lookup_email($userid); + if($user->checkpriv("admin")) + $ext_hasadmin = 'checked="true"'; + else + $ext_hasadmin = ""; + + +?> + + +   User Name + + + +   Password + + + +   Password (again) + + + +   Real Name + + + +   Email Address + + + +   Administrator + "> + + +   + +

\n"; + echo "
\n"; } apidb_footer(); - ?>
diff --git a/include/user.php b/include/user.php
index 9de9a42..d18a9de 100644
--- a/include/user.php
+++ b/include/user.php
@@ -229,8 +229,7 @@ class User {
 return 1;
 $result = mysql_query("INSERT INTO user_privs VALUES ($this->userid, '$priv')", $this->link);
-
- return mysql_affected_rows($result);
+ return $result;
 }
 function delpriv($priv)
@@ -239,7 +238,7 @@ class User {
 return 0;
 $result = mysql_query("DELETE FROM user_privs WHERE userid = $this->userid AND priv = '$priv'", $this->link);
- return mysql_num_rows($result);
+ return $result;
 }
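Review bot: The `$ext_hasadmin` branch at the end of the POST handler in edituser.php calls `$user->addpriv("admin")` or `$user->delpriv("admin")` based on a value that appears to come from the posted form, and the only gate visible in this hunk is the "You must be logged in to edit preferences" check, so as shown any logged-in account could submit `ext_hasadmin=on` (the top of the hunk is garbled on this page, so an earlier privilege check cannot be ruled out). Both calls should sit behind a test that the session's own account already holds admin, and be skipped otherwise, so that a non-admin saving their own preferences does not reach `delpriv` either. The password test a few lines above reads `$ext_password`, which the added `global` line does not declare (it lists `$ext_password1`); if the form field follows the `global` list, a new password never reaches `$passwd`, and a mismatch only queues a message before `update()` runs anyway. I would write it as `if ($ext_password1 != "" && $ext_password1 == $ext_password2) $passwd = $ext_password1;` and skip `update()` when the two differ.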
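Review bot: `return $result;` in addpriv() now hands back the TRUE/FALSE result of `mysql_query()`, while the early exit a few lines above it returns `1` (delpriv(), in the next hunk, has the same mix with `0`), and nothing tells callers which to expect. A one-line comment above each function would settle it, e.g. `// Returns 1 from the early exit, otherwise TRUE/FALSE from mysql_query().`; if a row count is what callers need, `mysql_affected_rows($this->link)` takes the link rather than the result. Both queries also place `$priv` inside the SQL string unescaped: the callers visible in this commit pass the literal "admin", but checking `$priv` against the set of known privilege names before building the query would keep that safe if a caller ever forwards request data. Both function bodies start outside their hunks, so the early-exit conditions are not visible here.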