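/**
 * Updates the logged-in user's email address and resets its verification flag.
 *
 * The account to change is identified only by $_SESSION["user_id"]; nothing
 * from the request selects the row. On success a verification message is
 * requested for the new address through sendEmailVerification().
 *
 * NOTE(review): the account page in this file calls
 * updateEmail($_POST["oldEmail"], $_POST["email1"]). This function declares a
 * single parameter, so PHP binds the first argument (the old address) to
 * $newEmail and silently ignores the second. Callers must pass only the new
 * address.
 *
 * @param string $newEmail The new email address.
 * @return string A message for the user describing the outcome.
 */
function updateEmail($newEmail) {
    global $mysqli;

    // Refuse to do anything without an authenticated session. The function must
    // not depend on the including page having enforced login before calling it.
    if (!isset($_SESSION["user_id"])) {
        return "Failed to update your email address.";
    }
    // Copy to a local: bind_param() binds by reference, and binding a missing
    // session key directly would create it as null.
    $userId = (int) $_SESSION["user_id"];

    // Request fields can arrive as arrays (email1[]=...), so reject non-strings
    // before any string function sees them.
    if (!is_string($newEmail)) {
        return "Please enter in a valid email.";
    }

    // Trim first so the value that is validated is the value that is stored.
    $newEmail = trim($newEmail);
    if (!filter_var($newEmail, FILTER_VALIDATE_EMAIL)) {
        return "Please enter in a valid email.";
    }

    // No real_escape_string() here: both queries use bound parameters, and
    // escaping a bound value would store the backslashes literally (an address
    // such as o'brien@example.com would be written as o\'brien@example.com).

    // Assure the new email does not exist.
    // NOTE(review): this check and the UPDATE below are not atomic; a UNIQUE
    // index on users.email is what actually prevents duplicates - confirm the
    // schema has one.
    $statement = $mysqli->prepare("SELECT 1 FROM users WHERE email = ?");
    if ($statement === false) {
        return "Failed to update your email address.";
    }
    $statement->bind_param("s", $newEmail);
    if (!$statement->execute()) {
        $statement->close();
        return "Failed to update your email address.";
    }
    $statement->store_result();
    // Any match blocks the change, not only exactly one row.
    $inUse = $statement->num_rows > 0;
    $statement->close();

    if ($inUse) {
        return "This email address is already in use.";
    }

    // Update the address and mark it unverified.
    $statement = $mysqli->prepare("UPDATE users SET email = ?, email_verify = FALSE WHERE id = ? LIMIT 1");
    if ($statement === false) {
        return "Failed to update your email address.";
    }
    $statement->bind_param("si", $newEmail, $userId);
    if (!$statement->execute()) {
        $statement->close();
        return "Failed to update your email address.";
    }
    $updated = $statement->affected_rows > 0;
    $statement->close();

    if (!$updated) {
        return "Failed to update your email address.";
    }

    // Send mail only once the row has really changed, so a failed or
    // unauthenticated request cannot be used to mail arbitrary addresses.
    sendEmailVerification($newEmail);

    return "Email address updated successfully. Verification sent.";
}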
if (isset($_POST["oldPassword"], $_POST["password1"], $_POST["password2"])) { if (strcmp(trim($_POST["password1"]), trim($_POST["password2"])) === 0) { $dialog = updatePassword($_POST["oldPassword"], $_POST["password1"]); } else { $dialog = "Your passwords do not match."; } } if (isset($_POST["oldEmail"], $_POST["email1"], $_POST["email2"])) { if (strcmp(trim($_POST["email1"]), trim($_POST["email2"])) === 0) { $dialog = updateEmail($_POST["oldEmail"], $_POST["email1"]); } else { $dialog = "Your emails do not match."; } } if (isset($_POST["resend"])) { exit(json_encode(array("type" => sendEmailVerification($_POST["resend"])))); } $title = "Account Details"; $loginRequired = true; require "includes/header.php"; ?> <div class="container"> <div class="row page-header"> <div class="col-xs-12"> <h1>Account Details</h1> <?php if ($dialog !== "") { ?> <p class="lead text-danger text-center"><?php print $dialog;