summaryrefslogtreecommitdiffstats
path: root/editusers.cgi
diff options
context:
space:
mode:
Diffstat (limited to 'editusers.cgi')
-rwxr-xr-xeditusers.cgi9
1 files changed, 5 insertions, 4 deletions
diff --git a/editusers.cgi b/editusers.cgi
index e12fc35b6..f4e3c0841 100755
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -68,7 +68,7 @@ if ($action eq 'search') {
my $matchstr = trim($cgi->param('matchstr'));
my $matchtype = $cgi->param('matchtype');
my $grouprestrict = $cgi->param('grouprestrict') || '0';
- my $enabled_only = $cgi->param('enabled_only') || '0';
+ my $is_enabled = scalar $cgi->param('is_enabled');
my $query = 'SELECT DISTINCT userid, login_name, realname, is_enabled, ' .
$dbh->sql_date_format('last_seen_date', '%Y-%m-%d') . ' AS last_seen_date ' .
'FROM profiles';
@@ -160,11 +160,12 @@ if ($action eq 'search') {
$query .= " $nextCondition ugm.group_id IN($grouplist) ";
}
- if ($enabled_only eq '1') {
- $query .= " $nextCondition profiles.is_enabled = 1 ";
+ detaint_natural($is_enabled);
+ if ($is_enabled == 0 || $is_enabled == 1) {
+ $query .= " $nextCondition profiles.is_enabled = ?";
$nextCondition = 'AND';
+ push(@bindValues, $is_enabled);
}
-
$query .= ' ORDER BY profiles.login_name';
$vars->{'users'} = $dbh->selectall_arrayref($query,