Revision 1493
Added by Dietmar about 13 years ago
save.php | ||
---|---|---|
29 | 29 |
$admin->print_header(); |
30 | 30 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$js_back); |
31 | 31 |
} |
32 |
// After check print the header |
|
33 |
$admin->print_header(); |
|
34 | 32 |
|
35 | 33 |
// Check if group group_id is a valid number and doesnt equal 1 |
36 |
if(!isset($_POST['group_id']) OR !is_numeric($_POST['group_id']) OR $_POST['group_id'] == 1) { |
|
37 |
header("Location: index.php"); |
|
38 |
exit(0); |
|
39 |
} else { |
|
40 |
$group_id = $_POST['group_id']; |
|
34 |
$group_id = intval($admin->checkIDKEY('group_id', 0, $_SERVER['REQUEST_METHOD'])); |
|
35 |
if( ($group_id < 2 ) ) |
|
36 |
{ |
|
37 |
// if($admin_header) { $admin->print_header(); } |
|
38 |
$admin->print_header(); |
|
39 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'] ); |
|
41 | 40 |
} |
42 | 41 |
|
43 | 42 |
// Gather details entered |
... | ... | |
47 | 46 |
if($group_name == "") { |
48 | 47 |
$admin->print_error($MESSAGE['GROUPS']['GROUP_NAME_BLANK'], $js_back); |
49 | 48 |
} |
49 |
// After check print the header |
|
50 |
$admin->print_header(); |
|
50 | 51 |
|
51 | 52 |
// Get system permissions |
52 | 53 |
require_once(ADMIN_PATH.'/groups/get_permissions.php'); |
53 | 54 |
|
54 | 55 |
// Update the database |
55 |
$query = "UPDATE ".TABLE_PREFIX."groups SET name = '$group_name', system_permissions = '$system_permissions', module_permissions = '$module_permissions', template_permissions = '$template_permissions' WHERE group_id = '$group_id'";
|
|
56 |
$query = "UPDATE `".TABLE_PREFIX."groups` SET `name` = '$group_name', `system_permissions` = '$system_permissions', `module_permissions` = '$module_permissions', `template_permissions` = '$template_permissions' WHERE `group_id` = '$group_id'";
|
|
56 | 57 |
|
57 | 58 |
$database->query($query); |
58 | 59 |
if($database->is_error()) { |
Also available in: Unified diff
Ticket #1106 FatalError in groups module