} else {
if (empty($_POST['confirm'])) {
$message = "Please enter your confirmation password.";
$set = false;
} else {
$newPass = trim($_POST['newPassword']);
$confirm = trim($_POST['confirm']);
if ($newPass != $confirm) {
$message = "The passwords do not match.";
$set = false;
}
}
}
if ($set) {
$updatedUser = new User($globalUser->userName, md5($newPass), $_POST['question'], md5(strtolower(trim($_POST['answer']))), $globalUser->authLevel);
user_updateUser($updatedUser);
$message = "The changes were successful.";
$set = true;
}
?>
<div id="divHeader" class="header">
<div id="divNav">
<a href="../index.php">Home</a>
</div>
<div id="divLatestMessage">
<div id="divLatestMessageLabel">Latest Message: </div>
<div id="divLatestMessageText"><?php
if (!empty($_POST['post'])) {
print $message;
}
?>
// delete the user
user_removeUser($userNameToDelete);
$message = "{$userNameToDelete} has been deleted.";
} else {
$message = "That user doesn't exist.";
}
}
if (isset($_POST['update'])) {
if (isset($_POST['authLevel'])) {
if ($_POST['authLevel'] == "Admin" || $_POST['authLevel'] == "Power User" || $_POST['authLevel'] == "User") {
// check if the user exists
$userNameToUpdate = $_POST['update'];
if ($userToUpdate = user_getUserByUsername($userNameToUpdate)) {
// update the user
$userToUpdate->setAuthLevel($_POST['authLevel']);
user_updateUser($userToUpdate);
$message = "{$userNameToUpdate}'s authentication level has been updated.";
} else {
$message = "That user doesn't exist.";
}
} else {
$message = "Invalid auth level.";
}
} else {
$message = "Auth level not set.";
}
}
?>
<div class="status"><?php
print $message;
?>
