diff -r bb4e677a4da9 -r d807dcd7aed7 plugins/SpecialAdmin.php --- a/plugins/SpecialAdmin.php Sat Aug 25 12:53:03 2007 -0400 +++ b/plugins/SpecialAdmin.php Sun Aug 26 16:48:15 2007 -0400 @@ -793,7 +793,7 @@ if(isset($_POST['go'])) { // We need the user ID before we can do anything - $q = $db->sql_query('SELECT user_id,username,email,real_name,style,user_level FROM '.table_prefix.'users WHERE username=\'' . $db->escape($_POST['username']) . '\''); + $q = $db->sql_query('SELECT user_id,username,email,real_name,style,user_level,account_active FROM '.table_prefix.'users WHERE username=\'' . $db->escape($_POST['username']) . '\''); if ( !$q ) { die('Error selecting user ID: '.mysql_error()); @@ -848,13 +848,30 @@ } } + // update account activation + if ( isset($_POST['account_active']) ) + { + // activate account + $q = $db->sql_query('UPDATE '.table_prefix.'users SET account_active=1 WHERE user_id=' . intval($r['user_id']) . ';'); + if ( !$q ) + $db->_die(); + } + else + { + // deactivate account and throw away the old key + $actkey = sha1 ( microtime() . mt_rand() ); + $q = $db->sql_query('UPDATE '.table_prefix.'users SET account_active=0,activation_key=\'' . $actkey . '\' WHERE user_id=' . intval($r['user_id']) . ';'); + if ( !$q ) + $db->_die(); + } + echo('