aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--admin/group_list.php2
-rw-r--r--admin/user_modify.php10
2 files changed, 5 insertions, 7 deletions
diff --git a/admin/group_list.php b/admin/group_list.php
index 2f61a2be2..840fefbe7 100644
--- a/admin/group_list.php
+++ b/admin/group_list.php
@@ -33,7 +33,7 @@ if ( isset ( $_GET['delete'] ) and is_numeric( $_GET['delete'] ) )
$query.= ';';
$row = mysql_fetch_array( mysql_query( $query ) );
// confirm group deletion ?
- if ( $_GET['confirm'] != 1 )
+ if ( !isset( $_GET['confirm'] ) or $_GET['confirm'] != 1 )
{
$vtp->addSession( $sub, 'deletion' );
$vtp->setVar( $sub, 'deletion.name', $row['name'] );
diff --git a/admin/user_modify.php b/admin/user_modify.php
index 5c01de0f5..9d35547cd 100644
--- a/admin/user_modify.php
+++ b/admin/user_modify.php
@@ -39,6 +39,7 @@ $query.= ';';
$row = mysql_fetch_array( mysql_query( $query ) );
$page['username'] = $row['username'];
$page['status'] = $row['status'];
+if ( !isset( $row['mail_address'] ) ) $row['mail_address'] = '';
$page['mail_address'] = $row['mail_address'];
// user is not modifiable if :
// 1. the selected user is the user "guest"
@@ -62,10 +63,7 @@ if ( sizeof( $error ) == 0 and isset( $_POST['submit'] ) )
{
// shall we use a new password and overwrite the old one ?
$use_new_password = false;
- if ( $_POST['use_new_pwd'] == 1)
- {
- $use_new_password = true;
- }
+ if ( isset( $_POST['use_new_pwd'] ) ) $use_new_password = true;
// if we try to update the webmaster infos, we have to set the status to
// 'admin'
if ( $row['username'] == $conf['webmaster'] )
@@ -88,7 +86,7 @@ if ( isset( $_POST['submit'] ) )
while ( $row = mysql_fetch_array( $result ) )
{
$dissociate = 'dissociate-'.$row['id'];
- if ( $_POST[$dissociate] == 1 )
+ if ( isset( $_POST[$dissociate] ) )
{
$query = 'DELETE FROM '.PREFIX_TABLE.'user_group';
$query.= ' WHERE user_id = '.$_GET['user_id'];
@@ -126,7 +124,7 @@ if ( sizeof( $error ) == 0 and isset( $_POST['submit'] ) )
$url = add_session_id( './admin.php?page=user_list' );
$vtp->setVar( $sub, 'confirmation.url', $url );
$vtp->closeSession( $sub, 'confirmation' );
- if ( $use_new_pwd )
+ if ( $use_new_password )
{
$vtp->addSession( $sub, 'password_updated' );
$vtp->closeSession( $sub, 'password_updated' );