$errorFN = false; $errorLN = false; if (!check_words($fName)) { $errorFN = true; } if (!check_words($lName)) { $errorLN = true; } if (!$errorFN && !$errorLN) { $sql = 'UPDATE Users SET email=:email, '; $user_array = array(':firstName' => $fName, ':lastName' => $lName, ':email' => $email, ':email' => $email); db_connect(); if (strcmp($oldpass, "") != 0) { if (strcmp($newpass, "") != 0) { $newpassA = md5($newpass); if (db_check_user($email, $oldpass)) { $sql .= 'password=:password, '; $user_array[':password'] = $newpassA; } else { $problemCode = 0; $_SESSION['fName'] = $fName; $_SESSION['lName'] = $lName; $_SESSION['problem'] = $problemCode; message("bad", " Incorrect password. Try again. <a href=\"edit_user.php\">Go Back.</a>"); exit(0); } } } $sql .= 'firstName=:firstName, lastName=:lastName WHERE email=:email'; db_edit_entry($user_array, $sql); message("good", " Successfully updated your information! <a href=\"my_page.php\">Continue</a>");
<?php require_once 'lib/dblibs.php'; require_once 'lib/lib.php'; output_html5_header('Login', array("bootstrap/css/bootstrap.css", "css/style.css"), array("js/jquery.min.js", "bootstrap/js/bootstrap.min.js")); output_page_menu(); if (count($_POST) == 2 && array_key_exists('login', $_POST) && array_key_exists('pass', $_POST)) { $login = htmlspecialchars(trim($_POST['login'])); $pass = htmlspecialchars(trim($_POST['pass'])); if (check_email($login)) { db_connect(); if (db_check_user($login, $pass)) { $_SESSION['loggedin'] = $login; header('Location: my_page.php'); exit(0); } else { unset($_SESSION['loggedin']); message("bad", " Email or password incorrect. Try again.<a href='login.php?email=" . $login . "'> Go back. </a>"); exit(0); } } else { unset($_SESSION['loggedin']); message("bad", " Invalid email address. Try again.<a href='login.php?email=" . $login . "'> Go back. </a>"); exit(0); } } else { unset($_SESSION['loggedin']); header('Location: login.php'); exit(0); } output_page_footer();