} if ($_POST['name_format'] != $user->data['name_format']) { $update['name_format'] = $_POST['name_format']; } //if ($_POST['amount'] != $user->data['email_notify'] && $_POST['amount'] != "") { // if ($_POST['amount'] != $user->data['email_notify'] ) { if (!isset($_POST['email_notify']) || $_POST['email_notify'] == 0) { $emailn = -1; } elseif (strtolower($_POST['amount']) == 'always' || $_POST['amount'] == "" || $_POST['amount'] == 0) { $emailn = 0; } else { $emailn = $_POST['amount']; } $update['email_notify'] = $emailn; //} if (update_user_profile($user, $update)) { $msg = "p1"; } else { $msg = "p2"; } } break; } if ($msg) { $redirect = "http://" . $_SERVER['HTTP_HOST'] . DIR . "profile.php?msg={$msg}"; header("Location: {$redirect}"); } // start HTML output if ($showprofile && $editprofile) { $urll = $_SERVER['PHP_SELF'] . "?mode=edit"; $topbar['rightnav'][0]['name'] = "Edit";
$gender = strip_tags($gender); if (strcmp($gender, 'male') != 0) { if (strcmp($gender, 'female') != 0) { redirect('../error.php'); break; } } $about = $_POST['about']; $about = addslashes($about); $about = strip_tags($about); $about_length = strlen($about); if ($about_length < 3 || $about_length > 800) { redirect('../error.php'); break; } echo update_user_profile($firstName, $lastName, $date, $gender, $about); break; case 'password_update': $old_password = $_POST['old_password']; $old_password = addslashes($old_password); $old_password = strip_tags($old_password); $password_length = strlen($old_password); if ($password_length < 8) { redirect('../error.php'); break; } $password = $_POST['password']; $password = addslashes($password); $password = strip_tags($password); $password_length = strlen($password); if ($password_length < 8) {
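access_deny();
}

// Request parameters accepted by the profile page, passed to check_fields().
// Columns: VAR  TYPE  OPTIONAL  FLAGS  VALIDATION  EXCEPTION
// NOTE(review): 'url' carries no validation rule in this table. If the stored
// value is later used as a navigation target, restrict it to in-application
// paths where it is saved or where it is used. Confirm against
// update_user_profile().
$fields = array(
    'password1' => array(T_ZBX_STR, O_OPT, null, null, 'isset({save})&&isset({form})&&({form}!="update")&&isset({change_password})'),
    'password2' => array(T_ZBX_STR, O_OPT, null, null, 'isset({save})&&isset({form})&&({form}!="update")&&isset({change_password})'),
    'lang' => array(T_ZBX_STR, O_OPT, null, NOT_EMPTY, 'isset({save})'),
    'theme' => array(T_ZBX_STR, O_OPT, null, NOT_EMPTY, 'isset({save})'),
    'autologin' => array(T_ZBX_INT, O_OPT, null, IN('0,1'), null),
    'autologout' => array(T_ZBX_INT, O_OPT, null, BETWEEN(90, 10000), null),
    'url' => array(T_ZBX_STR, O_OPT, null, null, 'isset({save})'),
    'refresh' => array(T_ZBX_INT, O_OPT, null, BETWEEN(0, 3600), 'isset({save})'),
    'change_password' => array(T_ZBX_STR, O_OPT, null, null, null),
    'save' => array(T_ZBX_STR, O_OPT, P_SYS | P_ACT, null, null),
    'cancel' => array(T_ZBX_STR, O_OPT, P_SYS, null, null),
    'form' => array(T_ZBX_STR, O_OPT, P_SYS, null, null),
    'form_refresh' => array(T_ZBX_STR, O_OPT, null, null, null)
);
check_fields($fields);

if (isset($_REQUEST['cancel'])) {
    // Cancel: go back to the last viewed menu page, defaulting to index.php.
    $url = get_profile('web.menu.view.last', 'index.php');
    redirect($url);
} elseif (isset($_REQUEST['save'])) {
    // Normalise both password fields so an absent field is null.
    $_REQUEST['password1'] = get_request('password1', null);
    $_REQUEST['password2'] = get_request('password2', null);

    if (isset($_REQUEST['password1']) && $_REQUEST['password1'] === '') {
        // A submitted but empty password is rejected.
        show_error_message(S_ONLY_FOR_GUEST_ALLOWED_EMPTY_PASSWORD);
    } elseif ($_REQUEST['password1'] === $_REQUEST['password2']) {
        // Strict comparison is required for the confirmation check: with `==`
        // PHP compares numeric-looking strings as numbers, so two different
        // entries such as "1e3" and "1000" would be accepted as matching.
        // The account being updated is taken from $USER_DETAILS, not from the
        // request.
        // NOTE(review): only the empty password is rejected here; no minimum
        // length or hashing is visible in this file. Confirm that
        // update_user_profile() hashes the value before storing it.
        $result = update_user_profile(
            $USER_DETAILS['userid'],
            $_REQUEST['password1'],
            $_REQUEST['url'],
            get_request('autologin', 0),
            get_request('autologout', 0),
            $_REQUEST['lang'],
            $_REQUEST['theme'],
            $_REQUEST['refresh']
        );
        show_messages($result, S_USER_UPDATED, S_CANNOT_UPDATE_USER);
        if ($result) {
            // The audit entry records who was changed; the password itself is
            // not part of the logged text.
            add_audit(
                AUDIT_ACTION_UPDATE,
                AUDIT_RESOURCE_USER,
                'User alias [' . $USER_DETAILS['alias'] . '] name [' . $USER_DETAILS['name'] . '] surname [' . $USER_DETAILS['surname'] . '] profile id [' . $USER_DETAILS['userid'] . ']'
            );
        }
    } else {
        show_error_message(S_CANNOT_UPDATE_USER_BOTH_PASSWORDS);
    }
}

// Render the profile page for the current user.
show_table_header(S_USER_PROFILE_BIG . ' : ' . $USER_DETAILS['name'] . ' ' . $USER_DETAILS['surname']);
echo '<br>';
insert_user_form($USER_DETAILS['userid'], 1);
include_once 'include/page_footer.php';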
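<?php
#
# Changes user profile information
# Called from edit_profile.php
#
# NOTE(review): the account to update is taken from the request ('user_id') and
# is not compared with the logged-in session in this file. Confirm that
# redirect.php or update_user_profile() enforces that the caller may edit this
# account; otherwise bind the update to the session's own user id.
# NOTE(review): $_REQUEST merges GET and POST (and cookies, depending on the
# request_order setting), and no anti-CSRF token is checked here. A
# state-changing endpoint is normally limited to POST with a token check.
#
include("redirect.php");
session_start();
include("includes/db_lib.php");

$updated_entry = new User();
# A missing field becomes null (as before) without raising an undefined-index
# notice, which could expose file paths when error display is on.
$updated_entry->userId = isset($_REQUEST['user_id']) ? $_REQUEST['user_id'] : null;
$updated_entry->actualName = isset($_REQUEST['fullname']) ? $_REQUEST['fullname'] : null;
$updated_entry->phone = isset($_REQUEST['phone']) ? $_REQUEST['phone'] : null;
$updated_entry->email = isset($_REQUEST['email']) ? $_REQUEST['email'] : null;
$updated_entry->langId = isset($_REQUEST['lang_id']) ? $_REQUEST['lang_id'] : null;

# Update changes in DB
# NOTE(review): values reach update_user_profile() unvalidated; confirm that it
# uses parameterised queries.
update_user_profile($updated_entry);
$err_message = "Profile updated";
db_close();

# NOTE(review): the locale stored in the session is the raw request value.
# If it is later used to select a language file, check it against the list of
# supported locales first.
$_SESSION['locale'] = isset($_REQUEST['lang_id']) ? $_REQUEST['lang_id'] : null;
header("location:edit_profile.php?upd");
?>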
remove_user($user_id, $mysqli); break; case 'remove_all_users': remove_user("", $mysqli); break; case 'unsubscribe': unsubscribe($title, $mysqli, $user_id); break; case 'query_series': db_query_series_json($mysqli, $title); break; case 'edit_profile': edit_user_profile($mysqli, $user_id); break; case 'update_profile': update_user_profile($mysqli, $user_id, $firstname, $lastname, $email); break; case 'remove_series': remove_series($mysqli, $title); break; case 'remove_all_series': remove_series($mysqli, ""); break; case 'add_series': query_omdb($mysqli); break; case 'calendar': calendar($mysqli, $user_id); break; } }
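* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301, USA.
*
*
*/

// Profile update endpoint: requires a populated session and all profile
// fields, then echoes a status message produced by get_message().

require_once __DIR__ . "/../../session.php";
require_once __DIR__ . "/../../moneyio.php";

open_session();

// Read request fields without raising undefined-index notices when one is
// absent; an absent field is null and is rejected by the checks below.
$user_id = isset($_GET["user_id"]) ? $_GET["user_id"] : null;
$user_name = isset($_POST["name"]) ? $_POST["name"] : null;
$user_surname = isset($_POST["surname"]) ? $_POST["surname"] : null;
$user_aboutme = isset($_POST["aboutme"]) ? $_POST["aboutme"] : null;
$user_phone_number = isset($_POST["phone_number"]) ? $_POST["phone_number"] : null;

// !empty() already covers the "not set" case, so no separate isset() is needed.
if (!empty($_SESSION["mio-username"])
    && !empty($_SESSION["mio-username_id"])
    && !empty($_SESSION["mio-pic"])
) {
    // Note: empty() also treats the string "0" as missing.
    if (!empty($user_id)
        && !empty($user_name)
        && !empty($user_surname)
        && !empty($user_aboutme)
        && !empty($user_phone_number)
    ) {
        require_once __DIR__ . "/user_func.php";

        // NOTE(review): $user_id comes from the query string and is not
        // compared with $_SESSION["mio-username_id"] in this file, so the
        // update is not bound to the authenticated account here. Confirm that
        // update_user_profile() enforces ownership, or use the session id as
        // the target.
        // NOTE(review): no anti-CSRF token is checked in this file; confirm
        // that open_session() or the caller handles it.
        if (update_user_profile($user_name, $user_surname, $user_aboutme, $user_phone_number, $user_id)) {
            echo get_message("user_updated");
        } else {
            echo get_message("user_not_updated");
        }
    } else {
        echo get_message("user_error");
    }
} else {
    echo get_message("no_session");
}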