/** * This Function will return check multiple aspects of a users information and return true or errors. * It will replace the uname_OK Function. * * @param string $u_name * @param int $u_id * @param string $address * @return Array result{bool} and meessgae{string} */ function check_user_info($u_name, $u_id, $address) { $results = array('result' => true, 'message' => ""); /** check the u_name **/ if (!check_uname($u_name, $u_id)) { $results['result'] = false; $results['message'] .= "The username {" . $u_name . "} is already in use. Please try another.<BR>"; } /** check the email is OK and not blank **/ $email_error = check_email_address($address); if ($email_error['error_value']) { $results['result'] = false; $results['result'] .= $email_error['error_message']; } //displayArray($results); return $results; }
// insert into / update tables $sql = "UPDATE users set passwd=md5('" . $_POST['n_pass'] . "') where user_id=" . $_POST['u_id']; $result = $db->query($sql); $_SESSION[$_CONF['sess_name'] . '_password'] = md5($_POST['n_pass']); $t = "Message..."; $b = "Your password has been updated.<br />\n\t\t\t\t<form action=index.php?lev=" . $_SESSION[$_CONF['sess_name'] . '_lev'] . "&cat=" . $_SESSION[$_CONF['sess_name'] . '_cat'] . " method=POST>\n\t\t\t\t<input type=submit class=submit name=finish value=Continue>\n\t\t\t\t</FORM>"; $main .= make_box($t, $b, "yellow"); } else { $t = "ERROR..."; $b = "Your passwords did not match. Press your Browser's BACK\n\t\t\t\t\tbutton and please fix. <br />\n\t\t\t\t\tBlank Passwords are not allowed."; $main .= make_box($t, $b, "red"); } } if (isset($_POST['modify_ui'])) { $email_error = check_email_address($_POST['u_email']); if (check_uname($_POST['u_name'], $_POST['u_id']) && !$email_error['error_value']) { $query = "UPDATE users set email='" . $_POST['u_email'] . "', address1='" . $_POST['u_address1'] . "', address2='" . $_POST['u_address2'] . "', city='" . $_POST['u_city'] . "',state='" . strtoupper($_POST['u_state']) . "', zip='" . $_POST['u_zip'] . "', phone='" . $_POST['u_phone'] . "', send_attend_email='" . $_POST['send_attend_email'] . "', weekly_progress='" . $_POST['weekly_progress'] . "'\n\t\t\t\t\tWHERE user_id=" . $_POST['u_id']; $result = $db->query($query); $_SESSION[$_CONF['sess_name'] . '_username'] = $_POST['u_name']; $t = "Message..."; $b = "User Information updated.</FONT><br />\n\t\t\t\t<form action=index.php?lev=" . $_SESSION[$_CONF['sess_name'] . '_lev'] . "&cat=" . $_SESSION[$_CONF['sess_name'] . '_cat'] . " method=POST>\n\t\t\t\t<input type=submit class=submit name=finish value=Continue>\n\t\t\t\t</FORM>"; $main .= make_box($t, $b); } else { if ($email_error['error_value']) { $t = "ERROR..."; $results[result] = false; $b .= $email_error['error_message']; $main .= make_box($t, $b, "red"); } else { $t = "ERROR..."; $b = "That user name is taken. Press your Browser's BACK\n\t\t\t\t\t\tbutton and please fix.";
$message = "User information Updated.<br>"; $color = "blue"; // used to determine which box is drawn $fname = $_POST['u_fname']; $lname = $_POST['u_lname']; $_ERROR = array(); $_ERROR['result'] = false; $_ERROR['message'] = ""; $checkemail = check_email_address($_POST['u_email']); if ($checkemail['error_value']) { $_ERROR['result'] = true; $_ERROR['message'] .= $checkemail['error_message'] . "<br />"; } // Teacher cannot change uname, so check to see if it exists. if (isset($_POST['u_name'])) { $checkuname = check_uname($_POST['u_name'], $_POST['u_id']); // true if no match if (!$checkuname) { $_ERROR['result'] = true; $_ERROR['message'] .= "The username {" . $_POST['u_name'] . "} is already in use. Please pick another.<br />"; } } if (!$_ERROR['result']) { $query = "UPDATE users SET first_name='" . $fname . "',last_name='" . $lname . "', email='" . $_POST['u_email'] . "'"; if (isset($_POST['u_name'])) { $query .= ", u_name='" . $_POST['u_name'] . "'"; } $query .= ", address1='" . $_POST['u_address1'] . "', address2='" . $_POST['u_address2'] . "', city='" . $_POST['u_city'] . "', state='" . strtoupper($_POST['u_state']) . "', " . "zip='" . $_POST['u_zip'] . "', phone='" . $_POST['u_phone'] . "', send_attend_email='" . $_POST['send_attend_email'] . "', " . "weekly_progress='" . $_POST['weekly_progress'] . "', grade_level='" . $_POST['grade_level'] . "'"; // parents do not get a school if (isset($_POST['school'])) { $query .= ",school_id=" . $_POST['school'];