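// Build the page's collaborators around one shared database handle.
$database = new database($db_host, $db_name, $db_user, $db_password);
$base = new base($database);
$user = new user($database);
$register = new user_register($database);

// Perform basic checks before loading the page.
// NOTE(review): the statements after each redirect() still run unless redirect()
// itself terminates the request - confirm that it exits.
if ($user->isLoggedIn()) {
    $base->redirect('../index.php');
}

if (!isset($_SESSION['age']) || !isset($_SESSION['country'])) {
    $base->redirect('index.php');
}

// 0: no error
// 1: error
$err = 0;

if (isset($_POST['username'])) {
    // A request field can arrive as an array (username[]=x); anything that is not
    // a string is rejected instead of being handed to trim().
    $candidate = is_string($_POST['username']) ? trim($_POST['username']) : null;

    if ($candidate === null || !$register->validateUsername($candidate)) {
        $err = 1;
    } else {
        // Store exactly the value that was validated. The raw field was stored
        // before, so surrounding whitespace that validation never saw could
        // reach the session and every later step that reads it.
        $_SESSION['username'] = $candidate;
        $base->redirect('terms.php');
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- saved from url=(0034)https://secure.rs-2007.com/create/ -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<meta http-equiv="Expires" content="0">
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">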
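<form action="change_username.php" method="POST">
<table>
<tr><td><b><font size="1">Abuse of this system will result in a demotion.</font></b></td></tr>
<tr><td>Username</td><td><input type="text" class="button" name="old" maxlength="12"></td></tr>
<tr><td>New Username</td><td><input type="text" class="button" name="new" maxlength="12"></td></tr>
<tr><td>Done?</td><td><input type="submit" value="Change Username"></td></tr>
</table>
</form>
</div>
<?php
    // The opening `if` of this chain, and whatever access check precedes it, is
    // above this excerpt. The branches below validate the submitted pair and then
    // rename the account everywhere its username is stored.
    // NOTE(review): no anti-CSRF token is visible in the form or checked in these
    // branches - confirm the part of the file outside this excerpt covers it.
} elseif (!$user->doesExist($_POST['old'])) {
    echo 'You can\'t change the name of a non-existent user. <input type="button" value="Back" onclick="goBack()" />';
} elseif ($user->getRank($_POST['old']) > 1 && $user->getUserId($_COOKIE['user']) != 1) {
    // Accounts with rank above 1 can only be renamed by the account whose id is 1.
    // NOTE(review): the acting account is resolved from the `user` cookie, which the
    // client controls - confirm getUserId() only accepts a server-verified value.
    echo 'You can\'t change the name of a staff member. <input type="button" value="Back" onclick="goBack()" />';
} elseif (!$register->validateUsername($_POST['new'])) {
    echo 'The newly created username cannot be used. <input type="button" value="Back" onclick="goBack()" />';
} else {
    $oldName = $_POST['old'];
    $newName = $_POST['new'];
    $renameParams = array($newName, $oldName);

    // Replace the old username in every table that stores it. All values are bound
    // as parameters, never concatenated into the SQL text.
    // NOTE(review): no transaction is visible around these statements, so a failure
    // partway through would leave the old name in the remaining tables.
    $database->processQuery("UPDATE `users` SET `username` = ? WHERE `username` = ? LIMIT 1", $renameParams, false);
    $database->processQuery("UPDATE `posts` SET `username` = ? WHERE `username` = ?", $renameParams, false);
    $database->processQuery("UPDATE `threads` SET `username` = ? WHERE `username` = ?", $renameParams, false);
    $database->processQuery("UPDATE `messages` SET `creator` = ? WHERE `creator` = ?", $renameParams, false);
    $database->processQuery("UPDATE `messages` SET `receiver` = ? WHERE `receiver` = ?", $renameParams, false);
    $database->processQuery("UPDATE `replies` SET `username` = ? WHERE `username` = ?", $renameParams, false);

    // Keep each audit record on one line: a CR or LF inside a name would otherwise
    // let a request write what looks like a separate log entry.
    $lineBreaks = array("\r", "\n");
    $logOld = str_replace($lineBreaks, ' ', $oldName);
    $logNew = str_replace($lineBreaks, ' ', $newName);
    $base->appendToFile('../forums/logs.txt', array($username . ' changed ' . $logOld . '\'s username to ' . $logNew));

    // Both names come straight from the request, so they are HTML-escaped before
    // being written into the page; the <b> element is also closed now.
    echo 'The user\'s username has successfully been changed. (<b>'
        . htmlspecialchars($oldName, ENT_QUOTES) . ' -> ' . htmlspecialchars($newName, ENT_QUOTES) . '</b>)';
}
?>
</div>
</div>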