editaccount.php
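<?php
/*
 * editaccount.php - lets the signed-in user change their own password and/or
 * email address, then re-displays the form with the stored email.
 *
 * Flow: start the session, load includes/or-theme.php and the theme header,
 * and only when the session's systemid matches this instance's systemid
 * process the POSTed form and render it. Otherwise a "not logged in" message
 * is printed.
 *
 * $settings and the MySQL connection are not created in this file; presumably
 * includes/or-theme.php provides both - confirm.
 *
 * NOTE(review): items that need changes outside this file:
 *  - Passwords are stored as unsalted SHA-1. Move to password_hash() /
 *    password_verify() together with the login code that checks the hash.
 *  - The mysql_* extension was removed in PHP 7.0. When the connection code is
 *    migrated, use mysqli or PDO prepared statements instead of escaping.
 *  - This state-changing POST carries no anti-CSRF token and does not ask for
 *    the current password before setting a new one; add both.
 */
session_start();
include("includes/or-theme.php");
// NOTE(review): the include path is built from $_SESSION["themepath"]. Make
// sure that value is only ever set server-side from a fixed list of theme
// directories, never from request data.
include($_SESSION["themepath"] ."header.php");

// Both ids must be present: a loose == between two missing values would
// otherwise evaluate to true and let an anonymous visitor through.
$loggedin = isset($_SESSION["systemid"], $settings["systemid"])
    && (string)$_SESSION["systemid"] === (string)$settings["systemid"];

if($loggedin){
    //Form Processing
    $submitted = isset($_POST["submitted"]) && is_string($_POST["submitted"]) ? $_POST["submitted"] : "";
    $errormsg = "";
    // Initialised so the template below never reads an undefined variable.
    $successmsg = "";

    // Every value placed in a SQL string is escaped, including the session
    // username, which originated from user input at login time.
    $sqluser = mysql_real_escape_string(isset($_SESSION["username"]) ? (string)$_SESSION["username"] : "");
    $userquery = "SELECT * FROM users WHERE username='". $sqluser ."';";

    $result = mysql_query($userquery);
    $emaila = $result ? mysql_fetch_array($result) : false;

    if($submitted === "1"){
        // Non-string values (e.g. password[]=x) are treated as empty so they
        // cannot reach sha1() or the query.
        $password = isset($_POST["password"]) && is_string($_POST["password"]) ? $_POST["password"] : "";
        $confirm = isset($_POST["confirm"]) && is_string($_POST["confirm"]) ? $_POST["confirm"] : "";
        $email = isset($_POST["email"]) && is_string($_POST["email"]) ? $_POST["email"] : "";
        $encpass = "";

        // Without the current row the "keep old password" branch would write
        // an empty password, so refuse to update at all.
        if(!$emaila){
            $errormsg .= "Account could not be updated.<br/>";
        }

        if($password !== "" || $confirm !== ""){
            // Strict comparison: with != two different numeric-looking
            // strings such as "1" and "01" compare as equal.
            if($password !== $confirm){
                $errormsg .= "New Password and Confirm Password do not match.<br/>";
            }
            //Passwords have been entered and match so put in a new password
            else{
                // NOTE(review): unsalted SHA-1, kept only because the login
                // check outside this file expects this format.
                $encpass = sha1($password);
            }
        }
        //No password change, set encpass equal to old password
        else{
            $encpass = $emaila ? $emaila["password"] : "";
        }

        if(!(filter_var($email, FILTER_VALIDATE_EMAIL))){
            $errormsg .= "Invalid email address.<br/>";
        }

        if($errormsg == ""){
            //Update account for this user
            // FILTER_VALIDATE_EMAIL checks address syntax only and accepts
            // characters that are significant in SQL, so the value is still
            // escaped before it is placed in the statement.
            $update = "UPDATE users SET password = '". mysql_real_escape_string($encpass)
                ."', email = '". mysql_real_escape_string($email)
                ."' WHERE username='". $sqluser ."';";
            if(mysql_query($update)){
                $successmsg = "Your account has been updated!";
            }
            else{
                $errormsg = "Account could not be updated.<br/>";
            }
        }
    }

    // Re-read the row so the form shows what is actually stored.
    $result = mysql_query($userquery);
    $emaila = $result ? mysql_fetch_array($result) : false;
    $email = $emaila ? $emaila["email"] : "";
?>
<center>
<?php
    // Both messages are built only from fixed strings in this file.
    if($successmsg != ""){
        echo "<div id=\"successmsg\">". $successmsg ."</div>";
    }
    if($errormsg != ""){
        echo "<div id=\"errormsg\">". $errormsg ."</div>";
    }
?>
</center>
<h3><a href="index.php"><?php echo htmlspecialchars($settings["instance_name"], ENT_QUOTES); ?></a> - Edit Account</h3>
<form name="editaccount" method="POST" action="editaccount.php">
<table border="0">
<tr>
<td>Change Password:</td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td>Confirm Password:</td>
<td><input type="password" name="confirm" /></td>
</tr>
<tr>
<td>Email:</td>
<td><input type="text" name="email" value="<?php echo htmlspecialchars($email, ENT_QUOTES); ?>" /></td>
<td><em><?php
    // NOTE(review): unserialize() must only ever see data written by this
    // application. If the email_filter setting can be influenced from outside,
    // store it as JSON and read it with json_decode() instead.
    $emailfilters = isset($settings["email_filter"]) ? unserialize($settings["email_filter"]) : false;
    $examples = array();
    // unserialize() returns false on malformed input; skip the list then.
    if(is_array($emailfilters)){
        foreach($emailfilters as $filter){
            if(is_scalar($filter)){
                $examples[] = "example@". htmlspecialchars($filter, ENT_QUOTES);
            }
        }
    }
    echo implode(", ", $examples);
?></em></td>
</tr>
<tr>
<td colspan="3"><input type="hidden" name="submitted" value="1" /><input type="submit" value="Save" /></td>
</tr>
</table>
</form>
<br/><br/>
<?php
    include($_SESSION["themepath"] ."footer.php");
}else{
    echo "You are not logged in. Please <a href=\"index.php\">click here</a> and login with an authorized account.";
}
?>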