// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
// File: options.php
//
// Opens the player options page: runs the login check, loads the translated
// strings, prints the page header and starts the change-password form that
// posts to option2.php. The form continues beyond this excerpt.

require_once './common.php';

// Login check runs before any output is produced.
// NOTE(review): presumably this stops or redirects unauthenticated visitors - confirm in Tki\Login.
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);

$body_class = 'options';

// Database driven language entries
$language_sections = ['options', 'common', 'global_includes', 'global_funcs', 'footer'];
$langvars = Tki\Translate::load($pdo_db, $lang, $language_sections);
$title = $langvars['l_opt_title'];
Tki\Header::display($pdo_db, $lang, $template, $title, $body_class);

// The player gateway object handles the SQL calls; the row is looked up by the
// username held in the session.
$players_gateway = new \Tki\Players\PlayersGateway($pdo_db);
$playerinfo = $players_gateway->selectPlayerInfo($_SESSION['username']);

// NOTE(review): $title and the $langvars entries are written into the page without
// HTML escaping. That is only safe while the language table is not player-editable;
// confirm, or escape with htmlspecialchars() if the strings are meant to be plain text.
echo "<body class='options'>\n",
    "<h1>", $title, "</h1>\n";

// NOTE(review): no anti-CSRF token is emitted in the visible part of this form.
// Confirm one is added before the closing </form>, or that option2.php verifies the
// request some other way, since this form changes the account password.
echo "<form accept-charset='utf-8' action=option2.php method=post>\n",
    "<table>\n";

// Section heading: change password
echo "<tr>\n",
    "<th colspan=2><strong>", $langvars['l_opt_chpass'], "</strong></th>\n",
    "</tr>\n";

// NOTE(review): maxlength=20 caps both password fields at 20 characters in the browser.
// It is a client-side limit only, so option2.php still has to enforce its own rules,
// and the cap rules out longer passphrases.

// Current password
echo "<tr>\n",
    "<td>", $langvars['l_opt_curpass'], "</td>\n",
    "<td><input type=password name=oldpass size=20 maxlength=20 value=\"\"></td>\n",
    "</tr>\n";

// New password
echo "<tr>\n",
    "<td>", $langvars['l_opt_newpass'], "</td>\n",
    "<td><input type=password name=newpass1 size=20 maxlength=20 value=\"\"></td>\n",
    "</tr>\n";
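// Read the submitted e-mail address. filter_input() returns null when the field is
// absent and false when the filter fails; an absent or blank value is normalised to
// false here. The (string) cast keeps null/false away from trim(), which is deprecated
// for null since PHP 8.1.
$email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
if (mb_strlen(trim((string) $email)) === 0) {
    $email = false;
}

// Read the submitted password with the same absent/blank -> false normalisation.
// NOTE(review): FILTER_SANITIZE_URL silently drops every character that is not legal
// in a URL (spaces, non-ASCII letters, ...), so the value that gets verified is not
// necessarily what the user typed and distinct passwords can collapse to the same one.
// A password should be taken as submitted and only ever handed to the verification
// routine. The filter is left unchanged here because stored credentials were
// presumably created through the same filter - confirm before replacing it.
$filtered_post_password = filter_input(INPUT_POST, 'pass', FILTER_SANITIZE_URL);
if (mb_strlen(trim((string) $filtered_post_password)) === 0) {
    $filtered_post_password = false;
}

// NOTE(review): $email can no longer be null at this point (null was turned into false
// above), so this condition is always true, the else branch is unreachable, and the
// lookup below also runs with false when no e-mail was posted. If the intent was
// "an e-mail was submitted", the test should be against false - confirm against the
// code that follows before changing it.
if ($email !== null) {
    // Build a player gateway object to handle the SQL calls
    $players_gateway = new \Tki\Players\PlayersGateway($pdo_db);
    $playerinfo = $players_gateway->selectPlayerInfo($email);
    $playerfound = ($playerinfo !== false);

    // Only index into the row when the lookup did not return false. Indexing false
    // evaluates to null and raises a warning; the value stays null for that case
    // without the warning.
    $lang = $playerfound ? $playerinfo['lang'] : null;
} else {
    // Fall back to the language posted with the form (absent/blank -> false).
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1.
    $lang = filter_input(INPUT_POST, 'lang', FILTER_SANITIZE_STRING);
    if (mb_strlen(trim((string) $lang)) === 0) {
        $lang = false;
    }
}

// The body of this branch continues beyond the excerpt.
if ($lang !== null) {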