} //// PROCESS DATA //////////////////////////// if ($_SESSION["error"]["message"]) { $_SESSION["error"]["form"]["user_options"] = "failed"; header("Location: ../index.php?page=user/options.php&id={$id}"); exit(0); } else { $_SESSION["error"] = array(); // start SQL transaction $sql_obj = new sql_query(); $sql_obj->trans_begin(); /* Generate new password */ if ($data["password"]) { user_changepwd($id, $data["password"]); } /* Update user account details */ $sql_obj->string = "UPDATE `users` SET " . "realname='" . $data["realname"] . "', " . "contact_email='" . $data["contact_email"] . "' " . "WHERE id='{$id}'"; if (!$sql_obj->execute()) { $_SESSION["error"]["message"][] = "A fatal SQL error occured whilst trying to update user account details."; } /* Update user options */ // remove old user options $sql_obj->string = "DELETE FROM users_options WHERE userid='{$id}'"; $sql_obj->execute(); // language
function user_newuser($username, $password, $realname, $email) { log_debug("inc_user", "Executing user_newuser({$username}, {$password}, {$realname}, {$email})"); // make sure that the user running this command is an admin if (user_permissions_get("admin")) { // verify data if ($username && $password && $realname && $email) { // TODO: Fix ACID compliance here // create the user account $sql_obj = new sql_query(); $sql_obj->string = "INSERT INTO `users` (username, realname, contact_email) VALUES ('{$username}', '{$realname}', '{$email}')"; $sql_obj->execute(); $userid = $sql_obj->fetch_insert_id(); // set the password user_changepwd($userid, $password); return $userid; } // if data is valid } // if user is an admin return 0; }