diff --git a/inc/ui/principal-edit.php b/inc/ui/principal-edit.php
index 8d7f9ef0..7d1796f6 100644
--- a/inc/ui/principal-edit.php
+++ b/inc/ui/principal-edit.php
@@ -18,6 +18,7 @@ $can_write_principal = ($session->AllowedTo('Admin') || $session->principal_id =
$pwstars = '@@@@@@@@@@';
if ( $can_write_principal && $editor->IsSubmit() ) {
$editor->WhereNewRecord( "principal_id=(SELECT CURRVAL('dav_id_seq'))" );
+ if ( ! $session->AllowedTo('Admin') ) unset($_POST['admin_role']);
unset($_POST['password']);
if ( $_POST['newpass1'] != '' && $_POST['newpass1'] != $pwstars ) {
if ( $_POST['newpass1'] == $_POST['newpass2'] ) {
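Review bot: The added guard after `WhereNewRecord` strips only `admin_role` from `$_POST` for non-admin sessions, which makes it a one-key denylist. Judging by the truncated hunk header, `$can_write_principal` also appears to be true for a principal editing its own record, so any other privilege-bearing field the editor accepts from the request would still be writable by that user. Passing non-admin submissions through an explicit allow-list of self-editable fields would be safer, and it is worth confirming that the editor reads its values from `$_POST` rather than `$_REQUEST`, since that is not visible in this hunk. At minimum the line deserves a why-comment, for example `// Non-admins may edit their own principal but must never set admin_role themselves.` The enclosing `if` block continues outside the hunk.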
@@ -264,7 +265,7 @@ EOTEMPLATE;
$browser->AddColumn( 'members', translate('Has Members'), '', '', 'has_members_list(principal_id)' );
if ( $can_write_principal ) {
- $del_link = "Delete";
+ $del_link = 'Delete';
$browser->AddColumn( 'action', 'Action', 'center', '', "'$edit_link $del_link'" );
}
@@ -386,8 +387,8 @@ $browser->AddColumn( 'privs', translate('Privileges'), '', '', 'privileges_list(
$browser->AddColumn( 'members', translate('Has Members'), '', '', 'has_members_list(principal_id)' );
if ( $can_write_principal ) {
- $del_link = "Delete";
- $edit_link = "Edit";
+ $del_link = 'Delete';
+ $edit_link = 'Edit';
$browser->AddColumn( 'action', 'Action', 'center', '', "'$edit_link $del_link'" );
}