mystery_process_account_creation(); break; case 'reset': $_MYSTERY['page_title'] .= ' -> Reset Password'; mystery_expire_page(); mystery_process_password_reset(); break; } exit; } // Process logout if the user is logging out if ($_REQUEST['action'] == 'logout') { session_destroy(); mystery_setup_default_session(); mystery_header(); mystery_display_user_feedback('You have successfully logged out.'); } // Process the authentication for the user. If not logged in, it will display the login box mystery_process_authentication(); // Load the configuration for this table, if applicable if ($_REQUEST['table'] != 'none') { mystery_get_table_configuration($_REQUEST['table']); } // FIX if (isset($_REQUEST['ss'])) { mystery_print_r($_SESSION); } // Determine which action the user is looking for switch ($_REQUEST['action']) { case 'redirect': mystery_redirect($_REQUEST['location']);
function mystery_process_user_info_form() { // this function processes a user's info update form. global $_MYSTERY; // set elements in the data array and update the session $_SESSION['user_first_name'] = $data['user_first_name'] = $_REQUEST['user_first_name']; $_SESSION['user_last_name'] = $data['user_last_name'] = $_REQUEST['user_last_name']; $_SESSION['user_email'] = $data['user_email'] = $_REQUEST['user_email']; if ($_MYSTERY['allow_username_changes'] == 'yes') { $_SESSION['user_username'] = $data['user_username'] = $_REQUEST['user_username']; } // check to see if the passwords match and are set. If not, display error and the form again if ($_REQUEST['password_one'] != '') { // user want's to change password if ($_REQUEST['password_one'] != $_REQUEST['password_two']) { mystery_display_user_error('Your passwords do not match. Please try again.'); mystery_display_user_info_form(); return; } else { // passwords match, add to the update data array $data['user_password'] = md5($_REQUEST['password_one']); } } // prepare the rest of the items for the update query $table = $_MYSTERY['table_prefix'] . 'users'; $key = 'user_id'; $key_value = $_SESSION['user_id']; // perform the update query if (mystery_update_query($table, $data, $key, $key_value)) { mystery_display_user_feedback('Update Successful!'); echo ' <p>Your personal information was updated successfully. Any username/password change will take effect at your next login.</p> <p><a href="', $_SERVER['SCRIPT_NAME'], '">Return to the Main Menu</a></p> '; } else { mystery_display_user_error('Could not update Personal Information.'); mystery_display_admin_contact_info(); } }