}
//// PROCESS DATA ////////////////////////////
if ($_SESSION["error"]["message"]) {
$_SESSION["error"]["form"]["user_options"] = "failed";
header("Location: ../index.php?page=user/options.php&id={$id}");
exit(0);
} else {
$_SESSION["error"] = array();
// start SQL transaction
$sql_obj = new sql_query();
$sql_obj->trans_begin();
/*
Generate new password
*/
if ($data["password"]) {
user_changepwd($id, $data["password"]);
}
/*
Update user account details
*/
$sql_obj->string = "UPDATE `users` SET " . "realname='" . $data["realname"] . "', " . "contact_email='" . $data["contact_email"] . "' " . "WHERE id='{$id}'";
if (!$sql_obj->execute()) {
$_SESSION["error"]["message"][] = "A fatal SQL error occured whilst trying to update user account details.";
}
/*
Update user options
*/
// remove old user options
$sql_obj->string = "DELETE FROM users_options WHERE userid='{$id}'";
$sql_obj->execute();
// language
function user_newuser($username, $password, $realname, $email)
{
log_debug("inc_user", "Executing user_newuser({$username}, {$password}, {$realname}, {$email})");
// make sure that the user running this command is an admin
if (user_permissions_get("admin")) {
// verify data
if ($username && $password && $realname && $email) {
// TODO: Fix ACID compliance here
// create the user account
$sql_obj = new sql_query();
$sql_obj->string = "INSERT INTO `users` (username, realname, contact_email) VALUES ('{$username}', '{$realname}', '{$email}')";
$sql_obj->execute();
$userid = $sql_obj->fetch_insert_id();
// set the password
user_changepwd($userid, $password);
return $userid;
}
// if data is valid
}
// if user is an admin
return 0;
}
