bug #164
This commit is contained in:
parent
060e7ca860
commit
f4b084bb18
2 changed files with 11 additions and 11 deletions
|
@ -1814,8 +1814,8 @@
|
|||
|
||||
if($id == 33 && $_SESSION['profile']['admin'] != 1)
|
||||
{
|
||||
$orgid = $_SESSION['_config']['orgid'];
|
||||
$query = "select * from `org` where `orgid`='$orgid' and `memid`='".$_SESSION['profile']['id']."'";
|
||||
$orgid = intval($_REQUEST['orgid']);
|
||||
$query = "select * from `org` where `orgid`='$orgid' and `memid`='".$_SESSION['profile']['id']."' and `masteracc`='1'";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) <= 0)
|
||||
{
|
||||
|
@ -1840,7 +1840,7 @@
|
|||
$_SESSION['_config']['errmsg'] = sprintf(_("Wasn't able to match '%s' against any user in the system"), $_REQUEST['email']);
|
||||
} else {
|
||||
$row = mysql_fetch_assoc($res);
|
||||
mysql_query("insert into `org` set `memid`='".$row['id']."', `orgid`='".$_SESSION['_config']['orgid']."',
|
||||
mysql_query("insert into `org` set `memid`='".$row['id']."', `orgid`='".intval($_REQUEST['orgid'])."',
|
||||
`masteracc`='$masteracc', `OU`='$OU', `comments`='$comments'");
|
||||
}
|
||||
}
|
||||
|
@ -1849,9 +1849,8 @@
|
|||
{
|
||||
$orgid = intval($_REQUEST['orgid']);
|
||||
$memid = intval($_REQUEST['memid']);
|
||||
$res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".$_SESSION['profile']['id']."'");
|
||||
$_macc2 = mysql_num_rows(mysql_query("select * from `org` where `memid`='$memid' and `masteracc`='1'"));
|
||||
if(mysql_num_rows($res) <= 0 || $_macc2 > 0)
|
||||
$res = mysql_query("select * from `org` where `orgid`='$orgid' and `memid`='".$_SESSION['profile']['id']."' and `masteracc`='1'");
|
||||
if(mysql_num_rows($res) <= 0)
|
||||
{
|
||||
$id = 32;
|
||||
}
|
||||
|
|
|
@ -14,34 +14,35 @@
|
|||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<?
|
||||
$query = "select * from `orginfo` where `id`='".$_SESSION[_config][orgid]."'";
|
||||
$query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'";
|
||||
$row = mysql_fetch_assoc(mysql_query($query));
|
||||
?>
|
||||
<form method="post" action="account.php">
|
||||
<input type="hidden" name="orgid" value="<?=$_REQUEST['orgid']?>">
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="2" class="title"><? printf(_("New Admin for %s"), $row[O]); ?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Email")?>:</td>
|
||||
<td class="DataTD"><input type="text" name="email" value="<?=$_SESSION[_config][email]?>"></td>
|
||||
<td class="DataTD"><input type="text" name="email" value="<?=$_SESSION['_config']['email']?>"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Department")?>:</td>
|
||||
<td class="DataTD"><input type="text" name="OU" value="<?=$_SESSION[_config][OU]?>"></td>
|
||||
<td class="DataTD"><input type="text" name="OU" value="<?=$_SESSION['_config']['OU']?>"></td>
|
||||
</tr>
|
||||
<? if($_SESSION['profile']['admin'] == 1) { ?>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Master Account")?>:</td>
|
||||
<td class="DataTD"><select name="masteracc">
|
||||
<option value="0">No</option>
|
||||
<option value="1"<? if($_SESSION[_config][masteracc] == 1) echo " selected"; ?>>Yes</option>
|
||||
<option value="1"<? if($_SESSION['_config']['masteracc'] == 1) echo " selected"; ?>>Yes</option>
|
||||
</select></td>
|
||||
</tr>
|
||||
<? } ?>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Comments")?>:</td>
|
||||
<td class="DataTD"><input type="text" name="comments" value="<?=$_SESSION[_config][comments]?>"></td>
|
||||
<td class="DataTD"><input type="text" name="comments" value="<?=$_SESSION['_config']['comments']?>"></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Add")?>"></td>
|
||||
|
|
Loading…
Reference in a new issue