Fixes #5045 - Removed inline editing for when only "Quick Add User" has been granted, and removed adding of admin perms to avoid access escalation.

e107_admin/users.php

@@ -420,6 +420,11 @@ class users_admin_ui extends e_admin_ui
 		{
 			unset($this->fields['checkboxes']);
 			unset($this->fields['options']);
+			foreach($this->fields as $fld=>$val)
+			{
+				 $this->fields[$fld]['inline'] = false;
+			}
+
 		}	
 				
 		$this->fields['user_image']['writeParms'] = $this->getAvatarList();
@@ -1679,6 +1684,8 @@ class users_admin_ui extends e_admin_ui
 		}
 
 		// Make Admin.
+		if(getperms('4|U0')) // Quick Add User access should not be allowed to create new users with escalated perms. 
+		{
 			$text .= "
 			<tr>
 				<td>".USRLAN_35."</td>
@@ -1694,7 +1701,7 @@ class users_admin_ui extends e_admin_ui
 				</td>
 			</tr>
 			";
-
+		}
 
 		$text .= "