db_Select("userclass_classes"); $c = 0; while ($row = $sql->db_Fetch()) { if (getperms("0") || check_class($row['userclass_editclass'])) { $class[$c][0] = $row['userclass_id']; $class[$c][1] = $row['userclass_name']; $class[$c][2] = $row['userclass_description']; $c++; } } if (isset($_POST['updateclass'])) { $remuser = TRUE; $classcount = count($_POST['userclass'])-1; for($a = 0; $a <= $classcount; $a++) { check_allowed($_POST['userclass'][$a]); $svar .= $_POST['userclass'][$a]; $svar .= ($a < $classcount ) ? "," : ""; } $sql->db_Update("user", "user_class='$svar' WHERE user_id='$id' "); $message = UCSLAN_9; $sql->db_Select("user", "*", "user_id='$id' "); $row = $sql->db_Fetch(); if ($_POST['notifyuser']) { $message .= "
".UCSLAN_1.": ".$row['user_name']."
"; require_once(e_HANDLER."mail.php"); unset($messaccess); for($a = 0; $a <= (count($class)-1); $a++) { if (check_class($class[$a][0], $row['user_class'])) { $messaccess .= $class[$a][1]." - " . $class[$a][2]. "\n"; } } $send_to = $row['user_email']; $subject = UCSLAN_2; $message = UCSLAN_3." " . $row['user_name']. ",\n\n".UCSLAN_4." ".SITENAME."\n( ".SITEURL . " )\n\n".UCSLAN_5.": \n\n".$messaccess."\n".UCSLAN_10."\n".SITEADMIN."\n( ".SITENAME." )"; sendemail($send_to, $subject, $message); } header("location: ".$_POST['adminreturn']); echo "location redirect failed."; exit; } $e_sub_cat = 'userclass'; require_once("auth.php"); $sql->db_Select("user", "*", "user_id='$id' "); $row = $sql->db_Fetch(); $caption = UCSLAN_6." ".$row['user_name']." (".$row['user_class'].")"; $text = "
"; for($a = 0; $a <= (count($class)-1); $a++) { $text .= ""; } $adminreturn = e_ADMIN."users.php?cu".($qs[2] ? ".{$qs[2]}.{$qs[3]}.{$qs[4]}" : ""); $text .= "
"; if (check_class($class[$a][0], $row['user_class'])) { $text .= "".$class[$a][1]." "; } else { $text .= "".$class[$a][1]." "; } $text .= " ".$class[$a][2]."
".UCSLAN_8."  
"; $ns->tablerender($caption, $text); require_once("footer.php"); // ---------------------------------------------------------- function check_allowed($class_id) { global $sql; if (!$sql->db_Select("userclass_classes", "*", "userclass_id = {$class_id}")) { header("location:".SITEURL); exit; } $row = $sql->db_Fetch(); extract($row); if (!getperms("0") && !check_class($userclass_editclass)) { header("location:".SITEURL); exit; } } ?>