diff options
Diffstat (limited to 'admin')
-rw-r--r-- | admin/group_list.php | 2 | ||||
-rw-r--r-- | admin/user_modify.php | 10 |
2 files changed, 5 insertions, 7 deletions
diff --git a/admin/group_list.php b/admin/group_list.php index 2f61a2be2..840fefbe7 100644 --- a/admin/group_list.php +++ b/admin/group_list.php @@ -33,7 +33,7 @@ if ( isset ( $_GET['delete'] ) and is_numeric( $_GET['delete'] ) ) $query.= ';'; $row = mysql_fetch_array( mysql_query( $query ) ); // confirm group deletion ? - if ( $_GET['confirm'] != 1 ) + if ( !isset( $_GET['confirm'] ) or $_GET['confirm'] != 1 ) { $vtp->addSession( $sub, 'deletion' ); $vtp->setVar( $sub, 'deletion.name', $row['name'] ); diff --git a/admin/user_modify.php b/admin/user_modify.php index 5c01de0f5..9d35547cd 100644 --- a/admin/user_modify.php +++ b/admin/user_modify.php @@ -39,6 +39,7 @@ $query.= ';'; $row = mysql_fetch_array( mysql_query( $query ) ); $page['username'] = $row['username']; $page['status'] = $row['status']; +if ( !isset( $row['mail_address'] ) ) $row['mail_address'] = ''; $page['mail_address'] = $row['mail_address']; // user is not modifiable if : // 1. the selected user is the user "guest" @@ -62,10 +63,7 @@ if ( sizeof( $error ) == 0 and isset( $_POST['submit'] ) ) { // shall we use a new password and overwrite the old one ? $use_new_password = false; - if ( $_POST['use_new_pwd'] == 1) - { - $use_new_password = true; - } + if ( isset( $_POST['use_new_pwd'] ) ) $use_new_password = true; // if we try to update the webmaster infos, we have to set the status to // 'admin' if ( $row['username'] == $conf['webmaster'] ) @@ -88,7 +86,7 @@ if ( isset( $_POST['submit'] ) ) while ( $row = mysql_fetch_array( $result ) ) { $dissociate = 'dissociate-'.$row['id']; - if ( $_POST[$dissociate] == 1 ) + if ( isset( $_POST[$dissociate] ) ) { $query = 'DELETE FROM '.PREFIX_TABLE.'user_group'; $query.= ' WHERE user_id = '.$_GET['user_id']; @@ -126,7 +124,7 @@ if ( sizeof( $error ) == 0 and isset( $_POST['submit'] ) ) $url = add_session_id( './admin.php?page=user_list' ); $vtp->setVar( $sub, 'confirmation.url', $url ); $vtp->closeSession( $sub, 'confirmation' ); - if ( $use_new_pwd ) + if ( $use_new_password ) { $vtp->addSession( $sub, 'password_updated' ); $vtp->closeSession( $sub, 'password_updated' ); |