if (iADMIN && checkrights("UG") && $_GET['lookup'] != $userdata['user_id']) {
if ((isset($_POST['add_to_group'])) && (isset($_POST['user_group']) && isnum($_POST['user_group']))) {
if (!preg_match("(^\.{$_POST['user_group']}$|\.{$_POST['user_group']}\.|\.{$_POST['user_group']}$)", $user_data['user_groups'])) {
$result = dbquery("UPDATE ".DB_USERS." SET user_groups='".$user_data['user_groups'].".".$_POST['user_group']."' WHERE user_id='".$_GET['lookup']."'");
}
redirect(FUSION_SELF."?lookup=".$user_data['user_id']);
}
}
function add_to_group($user_id, $group_id) {
global $userdata; // you.
if (iADMIN && checkrights("UG") && $user_id != $userdata['user_id']) {
$result = dbquery("SELECT user_id, user_group FROM ".DB_USERS." WHERE user_id='$user_id'");
$udata = (dbrows($result)>0) ? dbarray($result) : array(); // blank string if the user not exist.
if (!preg_match("(^\.{$group_id}$|\.{$group_id}\.|\.{$group_id}$)", $udata['user_group'])) { // ensure the group had not been added to the user earlier.
$update = dbquery("UPDATE ".DB_USERS." SET user_groups='".$udata['user_groups'].".$group_id' WHERE user_id='$user_id'"); // executable function to update rows.
redirect(FUSION_SELF."?lookup=".$user_id['user_id']); // go to user profile.
}
} else {
print_r("Sorry, you're not admin. You cannot execute this function."); // a notification.
// die(); // crash your server on null input
// redirect(BASEDIR); // to redirect to index page.
// many more options.
}
}
<form method='post' action='FUSION_SELF.$aidlink'>
<select name='user_group'>...do the opts here.. </select>
<input type='hidden' name='user_id' value='".$_GET['lookup']."'>
<button type='submit' name='add_to_group' value='submit'>Submit</button>
</form>
if ($_POST['add_to_group']) {
//sanitize
$user_id = (isset($_POST['user_id']) && isnum($_POST['user_id'])) ? stripinput($_POST['user_id']) : "0"; //0 to null
$group_id = (isset($_POST['user_group']) && isnum($_POST['user_group'])) ? stripinput($_POST['user_group']) : "0"; // 0 to null
if ($user_id !=="0" && $user_group !=="0") {
add_to_group($user_id,$user_group); // execute executable function.
}
} // end if.
Category Forum
Code Snippet and functions - 8Labels
None yet
Statistics
3 participants
Notifications
You are not receiving notifications from this thread.
Related Questions