313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
|
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
|
+
+
|
}
/* Check for requests to delete the user */
if( P("delete") && cgi_csrf_safe(1) ){
int n;
if( P("verifydelete") ){
/* Verified delete user request */
db_unprotect(PROTECT_USER);
db_multi_exec("DELETE FROM user WHERE uid=%d", uid);
db_protect_pop();
moderation_disapprove_for_missing_users();
admin_log("Deleted user [%s] (uid %d).",
PD("login","???")/*safe-for-%s*/, uid);
cgi_redirect(cgi_referer("setup_ulist"));
return;
}
n = db_int(0, "SELECT count(*) FROM event"
|
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
|
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
|
+
+
|
@
@ <p><a href="setup_uedit?id=%d(uid)&referer=%T(zRef)">
@ [Bummer]</a></p>
style_footer();
return;
}
login_verify_csrf_secret();
db_unprotect(PROTECT_USER);
db_multi_exec(
"REPLACE INTO user(uid,login,info,pw,cap,mtime) "
"VALUES(nullif(%d,0),%Q,%Q,%Q,%Q,now())",
uid, zLogin, P("info"), zPw, zCap
);
db_protect_pop();
setup_incr_cfgcnt();
admin_log( "Updated user [%q] with capabilities [%q].",
zLogin, zCap );
if( atoi(PD("all","0"))>0 ){
Blob sql;
char *zErr = 0;
blob_zero(&sql);
|
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
|
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
|
+
+
|
" info=%Q,"
" cap=%Q,"
" mtime=now()"
" WHERE login=%Q;",
zLogin, P("pw"), zLogin, P("info"), zCap,
zOldLogin
);
db_unprotect(PROTECT_USER);
login_group_sql(blob_str(&sql), "<li> ", " </li>\n", &zErr);
db_protect_pop();
blob_reset(&sql);
admin_log( "Updated user [%q] in all login groups "
"with capabilities [%q].",
zLogin, zCap );
if( zErr ){
const char *zRef = cgi_referer("setup_ulist");
style_header("User Change Error");
|