}
} else {
if ($_GET['action'] == "edit") {
$imgErrString = "";
// This only gets set if there is a problem
$passErrString = "";
// This only gets set if there is a problem with the password
if (!isset($_GET['user'])) {
renderError("You must specify a user!");
}
if (THprofile_lcnames) {
$username = strtolower($_GET['user']);
} else {
$username = $_GET['user'];
}
if (!$db->userexists($username)) {
renderError("Invalid user specified!");
}
if (!$db->caneditprofile($username)) {
renderPermissionDenied();
}
if (isset($_POST['edit_update'])) {
$user = $db->getuserdata($username);
if (isset($_POST['capcode']) && trim($_POST['capcode']) != "" && $user['capcode'] != "") {
$capcode = $db->getusercapcode($user['capcode']);
// Don't bother with the approval process if it's identical to the capcode
// that's already been approved
if (htmlentities($capcode) != $_POST['capcode']) {
$db->proposeusercapcode($username, $_POST['capcode']);
}
}
$db->updateBCW(THbcw_filter, $filter['id'], $filter['from'], $filter['to'], $filter['notes']);
}
}
rebuild_filters();
header("Location: " . THurl . "admin.php?a=w");
} elseif ($_GET['t'] == "au") {
$errorstring = "";
if (isset($_POST['user'])) {
$profile_dbi = new ThornProfileDBI();
// This encapsulates the DB queries we need
$username = trim($_POST['user']);
$password = trim($_POST['password']);
$email = trim($_POST['email']);
// Name validation
// Check if the account exists
if ($profile_dbi->userexists($username) == true) {
$errorstring .= "Sorry, an account with this name already exists.<br />\n";
}
if (!preg_match('/^([\\w\\.])+$/i', $username)) {
$errorstring .= "Sorry, your name must be alphanumeric and contain no spaces.<br />\n";
}
// Password validation
if ($password) {
$passlength = strlen($password);
if ($passlength < 4) {
$errorstring .= "Sorry, your password must be at least 4 characters.<br />\n";
}
} else {
$errorstring .= "You must provide a password!<br />\n";
}
// Email validation