Rev 8 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 8 | Rev 11 | ||
---|---|---|---|
Line 20... | Line 20... | ||
20 | if ($f_gesperrt) |
20 | if ($f_gesperrt) |
21 | $f_gesp = '1'; |
21 | $f_gesp = '1'; |
22 | else |
22 | else |
23 | $f_gesp = '0'; |
23 | $f_gesp = '0'; |
24 | db_query("UPDATE `".$mysql_zugangsdaten['praefix']."users` SET `username` = '".db_escape($f_username)."', `personenname` = '".db_escape($f_personenname)."', `gesperrt` = '".db_escape($f_gesp)."', `email` = '".db_escape($f_email)."' WHERE `id` = '".db_escape($id)."'"); |
24 | db_query("UPDATE `".$mysql_zugangsdaten['praefix']."users` SET `username` = '".db_escape($f_username)."', `personenname` = '".db_escape($f_personenname)."', `gesperrt` = '".db_escape($f_gesp)."', `email` = '".db_escape($f_email)."' WHERE `id` = '".db_escape($id)."'"); |
25 | if ($f_neupwd) db_query("UPDATE `".$mysql_zugangsdaten['praefix']."users` SET `passwort` = '".md5($f_passwort)."' WHERE `id` = '".db_escape($id)."'"); |
25 | if ($f_neupwd) db_query("UPDATE `".$mysql_zugangsdaten['praefix']."users` SET `passwort` = '".md5($f_passwort)."' WHERE `id` = '".db_escape($id)."'"); // TODO: use sha3 hash, salted and peppered |
26 | 26 | ||
27 | if (!headers_sent()) header('location: '.$_SERVER['PHP_SELF'].'?modul='.urlencode($modul).'&seite=inhalt'); |
27 | if (!headers_sent()) header('location: '.$_SERVER['PHP_SELF'].'?modul='.urlencode($modul).'&seite=inhalt'); |
28 | } |
28 | } |
29 | 29 | ||
30 | if ($aktion == 'del') |
30 | if ($aktion == 'del') |