update_user.php
<?php
require_once('lib/dblibs.php');
require_once('lib/lib.php');
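/*
 * Profile-update handler.
 *
 * Renders the page header, then, for a session that has a 'loggedin' key,
 * accepts a POST of exactly five string fields (firstName, lastName, email,
 * oldpass, newpass), validates the two names with check_words(), optionally
 * changes the password after db_check_user() accepts the old one, and writes
 * the row through db_edit_entry(). Validation failures are reported back to
 * edit_user.php through $_SESSION['fName'], ['lName'] and ['problem'].
 *
 * NOTE(review): no anti-CSRF token is checked here. This is a state-changing
 * POST authorised only by the session; a per-session token should be verified
 * before any of the fields are used.
 */
output_html5_header(
    'Edit User',
    array("bootstrap/css/bootstrap.css", "bootstrap/css/bootstrap-theme.css", "css/style.css"),
    array("js/jquery.min.js", "bootstrap/js/bootstrap.min.js")
);

if (array_key_exists('loggedin', $_SESSION)) {
    // Require exactly the five expected fields, and require each to be a
    // plain string: a field submitted as an array would otherwise reach
    // trim()/htmlspecialchars() and fail there instead of being rejected.
    $expectedFields = array('firstName', 'lastName', 'email', 'oldpass', 'newpass');
    $wellFormed = count($_POST) === 5;
    foreach ($expectedFields as $fieldName) {
        if (!array_key_exists($fieldName, $_POST) || !is_string($_POST[$fieldName])) {
            $wellFormed = false;
        }
    }

    if ($wellFormed) {
        $fName = htmlspecialchars(trim($_POST['firstName']));
        $lName = htmlspecialchars(trim($_POST['lastName']));
        $email = htmlspecialchars(trim($_POST['email']));
        // NOTE(review): the passwords are trimmed and HTML-escaped before use,
        // which alters any password containing & < > " or surrounding spaces.
        // Left as is because the stored hashes were presumably produced the
        // same way; confirm against the registration and login code.
        $oldpass = htmlspecialchars(trim($_POST['oldpass']));
        $newpass = htmlspecialchars(trim($_POST['newpass']));

        $errorFN = !check_words($fName);
        $errorLN = !check_words($lName);

        if (!$errorFN && !$errorLN) {
            // NOTE(review): the row to update is selected by the POSTed email,
            // not by an identity held in the session. When oldpass is empty no
            // password check runs, so the names on whichever account matches
            // the submitted email are overwritten. The WHERE value should come
            // from the session; the session key that holds the signed-in
            // user's email is not visible in this file, so this is flagged
            // rather than changed.
            // NOTE(review): "SET email=:email ... WHERE email=:email" assigns
            // the address to itself, so the email never changes; and :email is
            // used twice, which PDO only accepts with emulated prepares.
            // Confirm against db_edit_entry().
            $sql = 'UPDATE Users SET email=:email, ';
            $user_array = array(':firstName' => $fName, ':lastName' => $lName, ':email' => $email);
            db_connect();

            // A password change is attempted only when both fields are filled.
            if ($oldpass !== '' && $newpass !== '') {
                // NOTE(review): MD5 is fast and unsalted and is not suitable
                // for password storage. Moving to password_hash() /
                // password_verify() has to be done together with
                // db_check_user() and the stored hashes, so it is flagged here
                // rather than changed.
                $newpassA = md5($newpass);
                if (db_check_user($email, $oldpass)) {
                    $sql .= 'password=:password, ';
                    $user_array[':password'] = $newpassA;
                } else {
                    $problemCode = 0;
                    $_SESSION['fName'] = $fName;
                    $_SESSION['lName'] = $lName;
                    $_SESSION['problem'] = $problemCode;
                    message("bad", " Incorrect password. Try again. <a href=\"edit_user.php\">Go Back.</a>");
                    exit(0);
                }
            }

            $sql .= 'firstName=:firstName, lastName=:lastName WHERE email=:email';
            db_edit_entry($user_array, $sql);
            message("good", " Successfully updated your information! <a href=\"my_page.php\">Continue</a>");
        } else {
            // Bit 0 (value 1) marks a rejected first name, bit 1 (value 2) a
            // rejected last name.
            $problemCode = 0;
            if ($errorFN) {
                $problemCode += 1;
            }
            if ($errorLN) {
                $problemCode += 2;
            }
            $_SESSION['fName'] = $fName;
            $_SESSION['lName'] = $lName;
            $_SESSION['problem'] = $problemCode;
            // NOTE(review): output_html5_header() has already run; unless
            // output buffering is active this header() call cannot redirect.
            // Confirm.
            header('Location: edit_user.php');
            exit(0);
        }
    } else {
        die('Error editing user');
    }
} else {
    message("bad", " You must be logged in to do this! <a href=\"login.php\">Log in</a>");
}

output_page_footer();
output_html5_footer();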
?>