Beispiel #1
0
function update_user_information($username, $firstname, $lastname, $email)
{
    // check if username is unique
    $result = wrap_db_query("SELECT user_id FROM " . BOOKING_USER_TABLE . " WHERE username='******'");
    if (!$result) {
        return false;
        // no result
    } else {
        if (wrap_db_num_rows($result) == 1) {
            // one result row
            $fields = wrap_db_fetch_array($result);
            $user_id = $fields['user_id'];
        } else {
            return false;
        }
    }
    if (empty($user_id)) {
        return false;
    }
    // if ok, put in db and return result
    $result = wrap_db_query("UPDATE " . BOOKING_USER_TABLE . " SET \r\n\t\t\t\t\t\tfirstname = '" . wrap_db_escape_string($firstname) . "',\r\n\t\t\t\t\t\tlastname = '" . wrap_db_escape_string($lastname) . "',\r\n\t\t\t\t\t\temail = '" . wrap_db_escape_string($email) . "' \r\n\t\t\t\t\t\tWHERE username = '******' " . " AND user_id = '" . wrap_db_escape_string($user_id) . "'");
    if (!$result) {
        return false;
    } else {
        return true;
    }
}
Beispiel #2
0
function get_user($user_id)
{
    // get user_id based on $id
    $result = wrap_db_query("SELECT * FROM " . BOOKING_USER_TABLE . " \r\n\t\t\t\t\t\tWHERE user_id = '" . wrap_db_escape_string($user_id) . "' LIMIT 1");
    return wrap_db_fetch_array($result);
}