diff --git a/admin/committees.php b/admin/committees.php
index 880d3b90..71cda161 100644
--- a/admin/committees.php
+++ b/admin/committees.php
@@ -168,10 +168,15 @@ if($_POST['add_member'])
 
 if($_POST['save'])
 {
-	//FIXME: deal with what the user can actually do based on their own permissions
-	if($_POST['access_admin']=="Y") $a_admin='Y'; else $a_admin='N';
-	if($_POST['access_config']=="Y") $a_config='Y'; else $a_config='N';
-	if($_POST['access_super']=="Y") $a_super='Y'; else $a_super='N';
+	if(auth_has_access("super"))
+	{
+		//FIXME: deal with what the user can actually do based on their own permissions
+		if($_POST['access_admin']=="Y") $a_admin='Y'; else $a_admin='N';
+		if($_POST['access_config']=="Y") $a_config='Y'; else $a_config='N';
+		if($_POST['access_super']=="Y") $a_super='Y'; else $a_super='N';
+
+		$access="access_admin='$a_admin', access_config='$a_config', access_super='$a_super', ";
+	}
 	mysql_query("UPDATE committees_members SET ".
 		"name='".$_POST['name']."', ".
 		"password='".$_POST['password']."', ".
@@ -182,10 +187,8 @@ if($_POST['save'])
 		"phonework='".$_POST['phonework']."', ".
 		"phonecell='".$_POST['phonecell']."', ".
 		"fax='".$_POST['fax']."', ".
-		"access_admin='$a_admin', ".
-		"access_config='$a_config', ".
-		"access_super='$a_super', ".
-		"displayemail='".$_POST['displayemail']."' ".
+		$access.
+		" displayemail='".$_POST['displayemail']."' ".
 		" WHERE id='".$_POST['save']."'");
 
 	if($_POST['ord'])
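Review bot: `$access` is assigned only inside the `auth_has_access("super")` branch, so for every other caller the `$access.` concatenation in the second hunk reads an undefined variable and the query is built from whatever PHP substitutes for it; add `$access='';` immediately before `if(auth_has_access("super"))` so the non-super path is explicit. The new gate protects only the three access_* columns: the same UPDATE still writes `password` and `name` for whatever `id` arrives in `$_POST['save']`, so unless a check outside this hunk restricts that id to the caller's own record, a non-super user can reset a super user's password and step around the check this commit adds. Every `$_POST` value is still interpolated into the SQL string unescaped; with the `mysql_*` API used here, each should at least go through `mysql_real_escape_string()`, and the password should be hashed rather than stored as posted. The `if($_POST['save'])` body begins at the top of the first hunk and continues past the end of the second.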