<?php
/*
* ConPortal - Pomona College ITS scheduling appplication
* Copyright (C) 2005-2006 Pomona College
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of version 2 of the GNU General Public License
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
// This file makes changes to a user's data in the DB...
require_once("../standard.php");
//FIXME - We need to check to make sure user actually has privs to edit users
//FIXME - I'm pretty sure the primary_group should be numeric
if (isset($_POST['pid']) && is_numeric($_POST['pid']) &&
isset($_POST['first']) && isset($_POST['last']) &&
isset($_POST['primary_group']) && isset($_POST['user']) &&
isset($_POST['super']) && isset($_POST['seniority'])) {
if (!checkPerm($_SESSION, 'manage_perms')) {
/*
* If the admin can't play with perms, the admin *certainly* can't
* change a user's primary group...That would just be silly. And
* we're not silly.
*
* No matter what anyone may have POST-ed the primary group as, reset
* the group to whatever it was before.
*/
$info = getUserDetails($_POST['pid']);
$_POST['primary_group'] = $info['primary_group'];
}
updateUser($_POST['pid'], $_POST['user'], $_POST['first'], $_POST['last'],
$_POST['primary_group'], $_POST['super'], $_POST['phone'],
$_POST['cell'], $_POST['sn'], $_POST['seniority']);
header("Location: " . BASE_URL . "/display_users.php");
}
else
{
error("Please go back and make sure that the user's name, ".
'primary group, username, and super are filled in...');
display_errors();
}
?>