@($allow_log = mysql_real_escape_string(htmlentities(input_validation($_POST['allow_log']))));
@($send_email = mysql_real_escape_string(htmlentities(input_validation($_POST['send_email']))));
if (!empty($email) && !empty($password) && !empty($retype_password)) {
if (user_exists_reg($con, $email) === false) {
echo "Oppos, the email you entered that was not register in our system./e";
} elseif ($password != $retype_password) {
echo "Your new password do not match with retype password./e";
} else {
$user_id = get_user_id_from_email($con, $email);
//$full_name = get_full_name_from_username($con, $username);
//$email = get_email_from_username($con, $username);
if (change_password($con, $user_id, $password) === true) {
if ($send_email == 1) {
email($email, 'Your password for ' . COMPANY_NAME . ' system login', "Hello User,\n\nYour email is: " . $email . "\nYour new password is: |" . $password . "| \nPlease change your password at first login. \n\nBest Regards\n '.COMPANY_NAME.'");
}
//for user log;
if ($allow_log == 1) {
$remark = 'Password Reset for user \'' . display_email_from_user_id($con, $user_id) . '\'.';
insert_user_log($con, $_SESSION['user_id'], 8, REMOTE_IP, $remark);
}
echo "Password change Successful for the user ' " . $email . " '.";
} else {
echo "Opps! Password not change./e";
}
}
} else {
echo "Star Mark field are required./e";
}
//end empty */
}
//end isset
} elseif (!empty($email) && empty($log_type) && !empty($start_date) && !empty($end_date)) {
$query = $con->prepare("SELECT * FROM user_log WHERE user_id=:user_id AND date BETWEEN :start_date AND :end_date ORDER BY datetime DESC");
$query->execute(array(':user_id' => $user_id, ':start_date' => $start_date, ':end_date' => $end_date));
} elseif (!empty($email) && !empty($log_type) && !empty($start_date) && !empty($end_date)) {
$query = $con->prepare("SELECT * FROM user_log WHERE user_id=:user_id AND log_type=:log_type AND date BETWEEN :start_date AND :end_date ORDER BY datetime DESC");
$query->execute(array(':user_id' => $user_id, ':log_type' => $log_type, ':start_date' => $start_date, ':end_date' => $end_date));
} elseif (empty($email) && empty($log_type) && empty($start_date) && empty($end_date)) {
return false;
}
echo '<table class="table">
<tr class="table_head">
<!--<td style="width:5%">Username</td>-->
<td style="width:15%">User</td>
<td style="width:20%">Date Time</td>
<td style="width:20%">IP</td>
<td style="width:5%">Type</td>
<td style="width:30%">Remark</td>
</tr>';
while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
echo '<tr class="table_data">';
echo '<td>' . display_email_from_user_id($con, $row['user_id']) . '</td>';
echo '<td>' . show_date_time($row['datetime']) . '</td>';
echo '<td>' . $row['ip'] . '</td>';
echo '<td>' . display_log_type($row['log_type']) . '</td>';
echo '<td>' . $row['remark'] . '</td>';
echo '</tr>';
}
echo '</table>';
//*/
}
//End user_log search script
$required_fields = array('user_id', 'email');
foreach ($_POST as $key => $value) {
if (empty($value) && in_array($key, $required_fields) === true) {
echo 'Fields marked with an asterisk are required./e';
$error = 1;
//for check
break 1;
//there are multiple fields, if get any fields error than breck the loop, otherwise loop will continue for all fields error
}
}
if (empty($error) === true) {
//echo 'OK.';
$edit_user = edit_user($con, $user_id, $email, $active, $user_lock, $allow_email, $tac);
if ($edit_user === true) {
if ($send_email == 1) {
email($email, 'Your profile edit have been successfull. ', "Hello User,\n\nYour Email is: " . $email . "\n\nPlease login and check out your details. \n\nBest Regards\n '.COMPANY_NAME.'");
}
//for user log;
if ($allow_log == 1) {
$remark = 'Information edit for user \'' . display_email_from_user_id($con, $user_id) . '\'.';
insert_user_log($con, $_SESSION['user_id'], 5, REMOTE_IP, $remark);
}
echo 'User edit Successfully.';
} else {
echo 'Oppos, Somthing was worng, please try again./e';
}
//*/
}
//end empty error check */
}
//end isset
