From 463996c1a30e24ff7f36438202c02d4303334849 Mon Sep 17 00:00:00 2001
From: jakani24 <janis.st44@gmail.com>
Date: Sat, 9 Mar 2024 18:11:44 +0100
Subject: [PATCH] Update manage_user.php

---
 .../cyberhex-code/system/secure_zone/php/manage_user.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/server/cyberhex-code/system/secure_zone/php/manage_user.php b/src/server/cyberhex-code/system/secure_zone/php/manage_user.php
index e14f9ad..d3d82ba 100644
--- a/src/server/cyberhex-code/system/secure_zone/php/manage_user.php
+++ b/src/server/cyberhex-code/system/secure_zone/php/manage_user.php
@@ -183,6 +183,7 @@ include "perms_functions.php";
 							// Retrieve user input
 							$m_email=$_POST["email"];
 							$m_username=$_POST["username"];
+							$m_permissions=get_perm_str();
 							// Create a connection
 							$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE);
 
@@ -197,11 +198,11 @@ include "perms_functions.php";
 									die("Connection failed: " . $conn->connect_error);
 								}
 							$stmt = $conn->prepare("UPDATE users set email=?, username=?,perms=?");
-							$stmt->bind_param("ssss", $email, $username, $permissions);
+							$stmt->bind_param("sss", $m_email, $m_username, $m_permissions);
 
-							$email=htmlspecialchars($_POST["email"]);
-							$username=htmlspecialchars($_POST["username"]);
-							$permissions=get_perm_str();
+							$m_email=htmlspecialchars($_POST["email"]);
+							$m_username=htmlspecialchars($_POST["username"]);
+							$m_permissions=get_perm_str();
 							
 							$stmt->execute();
 							$stmt->close();