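<?php
/**
 * Saves the edited login data of one user record and shows the edit form again.
 *
 * Relies on the including script for $db (used like a mysqli connection:
 * prepare(), error) and for a started session.
 *
 * Security notes:
 *  - All request values reach the database through bound parameters only.
 *    The previous version concatenated $_POST straight into the SQL text,
 *    which allowed SQL injection in both the SELECT and the UPDATE.
 *  - No database work is done unless the session is flagged as admin.
 *  - Database error details go to the server log, not into the page.
 *  - NOTE(review): userPassword is stored exactly as submitted. The login
 *    code is not visible here, so this is left unchanged; it should move to
 *    password_hash()/password_verify() together with that code.
 *  - NOTE(review): no anti-CSRF token check is visible in this file; confirm
 *    that the including page enforces one.
 */

// Only administrators may change user records; anyone else gets no output.
if ( !empty( $_SESSION['IsAdmin'] ) )
{
    // Normalise every expected form field to a string. Missing keys and
    // array-valued parameters (e.g. "userEmail[]=x") become ''.
    $fields = [
        'ID', 'userTitle', 'userFirstname', 'userLastname', 'userEmail',
        'userPassword', 'userPhone', 'userMobile', 'userIsAdmin',
        'userIsBuero', 'userDeact',
    ];
    $post = [];
    foreach ( $fields as $name )
    {
        $post[$name] = ( isset( $_POST[$name] ) && is_string( $_POST[$name] ) ) ? $_POST[$name] : '';
    }

    if ( '' === $post['userPassword'] || '' === $post['userEmail'] )
    {
        echo "<h2 class=\"hinweis\">Das Passwort und die Email-Adresse dürfen nicht leer sein!</h2>\n";
    }
    else
    {
        // Is the e-mail address already used by a different user?
        $check = $db->prepare( 'SELECT userId FROM User WHERE userEmail = ? AND userId != ?' );
        if ( !$check )
        {
            error_log( 'User duplicate check (prepare) failed: ' . $db->error );
            die ( 'Datensatz konnte nicht gespeichert werden.' );
        }
        $check->bind_param( 'ss', $post['userEmail'], $post['ID'] );
        if ( !$check->execute() )
        {
            error_log( 'User duplicate check (execute) failed: ' . $check->error );
            die ( 'Datensatz konnte nicht gespeichert werden.' );
        }
        // store_result() buffers the rows so that num_rows is populated.
        $check->store_result();
        $anz = $check->num_rows;
        $check->close();

        if ( $anz != 0 )
        {
            echo "<h2 class=\"hinweis\">Es existiert bereits ein Benuzter mit dieser Email-Adresse!</h2>\n";
        }
        else
        {
            // Deactivation records who did it and when; reactivation resets
            // both columns to their "empty" values.
            if ( 'Y' === $post['userDeact'] )
            {
                $deactFlag = 'Y';
                $deactUser = isset( $_SESSION['TID'] ) ? (string) $_SESSION['TID'] : '0';
                $deactDate = 'NOW()';
            }
            else
            {
                $deactFlag = 'N';
                $deactUser = '0';
                $deactDate = "'0000-00-00 00:00:00'";
            }

            // $deactDate is one of the two constants above, never request
            // data, so splicing it into the statement text is safe.
            $sql = 'UPDATE User SET
                userTitle = ?,
                userFirstname = ?,
                userLastname = ?,
                userEmail = ?,
                userPassword = ?,
                userPhone = ?,
                userMobile = ?,
                userIsAdmin = ?,
                userIsBuero = ?,
                userDeact = ?,
                userDeactUser = ?,
                userDeactDate = ' . $deactDate . '
                WHERE userId = ?';

            $stmt = $db->prepare( $sql );
            if ( !$stmt )
            {
                error_log( 'User update (prepare) failed: ' . $db->error );
                die ( 'Datensatz konnte nicht gespeichert werden.' );
            }

            // Twelve placeholders, all bound as strings (the original query
            // also passed every value as a quoted string).
            $stmt->bind_param(
                str_repeat( 's', 12 ),
                $post['userTitle'],
                $post['userFirstname'],
                $post['userLastname'],
                $post['userEmail'],
                $post['userPassword'],
                $post['userPhone'],
                $post['userMobile'],
                $post['userIsAdmin'],
                $post['userIsBuero'],
                $deactFlag,
                $deactUser,
                $post['ID']
            );

            if ( !$stmt->execute() )
            {
                error_log( 'User update (execute) failed: ' . $stmt->error );
                die ( 'Datensatz konnte nicht gespeichert werden.' );
            }
            $stmt->close();

            echo "<p class=\"hinweis\">Zugangsdaten wurden gespeichert!</p>\n";
        }
    }

    // Every admin path ends by rendering the edit form again.
    include "inhalte/stammdaten/kontroll/zg_edit.php";
}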