diff --git a/classes/pref/users.php b/classes/pref/users.php
index 89554ba6..a10404d0 100644
--- a/classes/pref/users.php
+++ b/classes/pref/users.php
@@ -17,9 +17,93 @@ class Pref_Users extends Handler_Protected {
return array_search($method, $csrf_ignored) !== false;
}
- function userdetails() {
+ function edit() {
+ global $access_level_names;
- $uid = sprintf("%d", $_REQUEST["id"]);
+ print '
+
';
+
+ print "";
+
+ print '
'; #tab
+ print "
";
+
+ print '
';
+ print '
';
+
+ print "
+
+
";
+
+ return;
+ }
+
+ function userdetails() {
+ $id = (int) $this->dbh->escape_string($_REQUEST["id"]);
$result = $this->dbh->query("SELECT login,
".SUBSTRING_FOR_DATE."(last_login,1,16) AS last_login,
@@ -28,7 +112,7 @@ class Pref_Users extends Handler_Protected {
WHERE owner_uid = id) AS stored_articles,
".SUBSTRING_FOR_DATE."(created,1,16) AS created
FROM ttrss_users
- WHERE id = '$uid'");
+ WHERE id = '$id'");
if ($this->dbh->num_rows($result) == 0) {
print "
";
$result = $this->dbh->query("SELECT COUNT(id) as num_feeds FROM ttrss_feeds
- WHERE owner_uid = '$uid'");
+ WHERE owner_uid = '$id'");
$num_feeds = $this->dbh->fetch_result($result, 0, "num_feeds");
@@ -61,7 +145,7 @@ class Pref_Users extends Handler_Protected {
print "
".__('Subscribed feeds')."
";
$result = $this->dbh->query("SELECT id,title,site_url FROM ttrss_feeds
- WHERE owner_uid = '$uid' ORDER BY title");
+ WHERE owner_uid = '$id' ORDER BY title");
print "