bug 1008: fixed query output from $res to $res1
[cacert-devel.git] / pages / account / 58.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19 if ($_SESSION['profile']['admin'] != 1 || !array_key_exists('userid',$_REQUEST) || intval($_REQUEST['userid']) < 1) {
20 echo _('You do not have access to this page');
21 } else {
22 $user_id = intval($_REQUEST['userid']);
23 $query = "select `users`.`fname`, `users`.`mname`, `users`.`lname` from `users` where `id`='$user_id' and `users`.`deleted`=0";
24 $res = mysql_query($query);
25 if(mysql_num_rows($res) != 1){
26 echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
27 } else {
28 if ($row = mysql_fetch_assoc($res)){
29 $username=sanitizeHTML($row['fname']).' '.sanitizeHTML($row['mname']).' '.sanitizeHTML($row['lname']);
30 $query = "select `orginfo`.`o`, `org`.`masteracc`
31 FROM `orginfo`, `org`
32 WHERE `orginfo`.`id` = `org`.`orgid`
33 AND `org`.`memid`='$user_id' order by `orginfo`.`o`";
34 $res1 = mysql_query($query);?>
35 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"><?
36 if (mysql_num_rows($res1) <= 0) {?>
37 <tr>
38 <td colspan="2" class="title"><?=sprintf(_('%s is not listed as Organisation Administrator'), $username)?></td>
39 </tr>
40 <?}else{?>
41 <tr>
42 <td colspan="2" class="title"><?=sprintf(_('%s is listed as Organisation Administrator for:'), $username)?></td>
43 </tr>
44 <tr>
45 <td class="DataTD"><b><?=_('Organisation')?></b></td>
46 <td class="DataTD"><b><?=_('Masteraccount')?></b></td>
47 </tr><?
48 while($drow = mysql_fetch_assoc($res1)){?>
49 <tr>
50 <td class="DataTD"><?=$drow['o']?></td>
51 <td class="DataTD"><?=$drow['masteracc'] ? _("Yes") : _("No") ?></td>
52 </tr>
53 <?}
54 }
55 ?></table>
56 <? }else{
57 echo _("I'm sorry, the user you were looking for seems to have disappeared! Bad things are a foot!");
58 }
59 }
60 }
61 ?>