$_SESSION['prefs']['limit'] = $new_limit; $_SESSION['prefs']['shortcuts']['create'] = $new_sc_create; $_SESSION['prefs']['shortcuts']['edit'] = $new_sc_edit; $_SESSION['prefs']['shortcuts']['submit'] = $new_sc_submit; $_SESSION['prefs']['shortcuts']['todo'] = $new_sc_todo; $_SESSION['prefs']['close_warning'] = $new_close_warning; $_SESSION['prefs']['chem_editor'] = $new_chem_editor; $_SESSION['prefs']['lang'] = $new_lang; $msg_arr[] = _('Preferences updated.'); } // END TAB 1 // TAB 2 : ACCOUNT if (isset($_POST['currpass'])) { $tab = '2'; // check that we got the good password if (!$user->checkCredentials($_SESSION['username'], $_POST['currpass'])) { $msg_arr[] = _("Please input your current password!"); $errflag = true; $_SESSION['errors'] = $msg_arr; header("location: ../ucp.php?tab=" . $tab); exit; } // Check USERNAME (sanitize and validate) if (isset($_POST['username']) && !empty($_POST['username'])) { $username = filter_var($_POST['username'], FILTER_SANITIZE_STRING); // Check for duplicate username in DB $sql = "SELECT * FROM users WHERE username = :username"; $req = $pdo->prepare($sql); $req->bindParam(':username', $username); $result = $req->execute(); $data = $req->fetch();