function change_user_details($user_name, $user_email, $user_password)
{
$user_id = $_SESSION['user_id'];
if (validate_user_name($user_name) != true) {
return '<span class="error_span">Name must be <u>letters only</u> and be <u>2 to 12 letters long</u>. If your name is longer, use a short version of your name</span>';
}
if (validate_user_email($user_email) != true) {
return '<span class="error_span">Email must be a valid email address and be no more than 50 characters long</span>';
} elseif (validate_user_password($user_password) != true && !empty($user_password)) {
return '<span class="error_span">Password must be at least 4 characters</span>';
} elseif (user_name_exists($user_name, $conn) == true && $user_name != $_SESSION['user_name']) {
return '<span class="error_span">Name is already in use. If you have the same name as someone else, use another spelling that identifies you</span>';
} elseif (user_email_exists($user_email) == true && $user_email != $_SESSION['user_email']) {
return '<span class="error_span">Email is already registered</span>';
} else {
if (empty($user_password)) {
mysqli_query($conn, "UPDATE " . global_mysql_users_table . " SET user_name='{$user_name}', user_email='{$user_email}' WHERE user_id='{$user_id}'") or die('<span class="error_span"><u>MySQL error:</u> ' . htmlspecialchars(mysqli_error($conn)) . '</span>');
} else {
$user_password = encrypt_password($user_password);
mysqli_query($conn, "UPDATE " . global_mysql_users_table . " SET user_name='{$user_name}', user_email='{$user_email}', user_password='******' WHERE user_id='{$user_id}'") or die('<span class="error_span"><u>MySQL error:</u> ' . htmlspecialchars(mysqli_error($conn)) . '</span>');
}
mysqli_query($conn, "UPDATE " . global_mysql_reservations_table . " SET reservation_user_name='{$user_name}', reservation_user_email='{$user_email}' WHERE reservation_user_id='{$user_id}'") or die('<span class="error_span"><u>MySQL error:</u> ' . htmlspecialchars(mysqli_error($conn)) . '</span>');
$_SESSION['user_name'] = $user_name;
$_SESSION['user_email'] = $user_email;
$user_password = strip_salt($user_password);
setcookie(global_cookie_prefix . '_user_email', $user_email, time() + 3600 * 24 * intval(global_remember_login_days));
setcookie(global_cookie_prefix . '_user_password', $user_password, time() + 3600 * 24 * intval(global_remember_login_days));
return 1;
}
}
public function create()
{
if (empty($this->email)) {
return false;
}
if (empty($this->username) && !empty($this->email)) {
$this->username = array_shift(explode('@', $this->email));
}
$this->email = strtolower($this->email);
$this->created = time();
$this->updated = time();
$this->deleted = 0;
$this->password = md5($this->email . $this->password);
if (!user_email_exists($this->email) && !user_name_exists($this->username)) {
$this->save();
return true;
} else {
return false;
}
}
function user_name_exists_json()
{
if ($param = get('username')) {
$response = array('status' => 200, 'response' => user_name_exists($param));
} else {
$response = array('status' => 500, 'response' => 'missing arguments');
}
return json_encode($response);
}
function user_set_name($user_id, $new_username)
{
//If the new username is different from current
if (strcmp($new_username, user_get_name($user_id))) {
//check that no other user has it
if (!user_name_exists($new_username)) {
//set it
$sql = "UPDATE " . PREFIX . "user SET username='******' WHERE id=" . sql_safe($user_id) . ";";
if (mysql_query($sql)) {
add_message("New user name set");
} else {
add_error("User name could not be set: " . mysql_error());
}
} else {
add_error("User name '{$new_username}' is already in use.");
}
}
}
function change_user_details($user_name, $user_email, $user_password)
{
$user_id = $_SESSION['user_id'];
if (validate_user_name($user_name) != true) {
// return('<span class="error_span">Name must be <u>letters only</u> and be <u>2 to 12 letters long</u>. If your name is longer, use a short version of your name</span>');
return '<span class="error_span">El "Número de Alumno"solo admite <u>números</u>. Entre 3 y 6 dígitos</span>';
}
if (validate_user_email($user_email) != true) {
return '<span class="error_span">El Email debe ser válido y no tener más de 50 caracteres.</span>';
} elseif (validate_user_password($user_password) != true && !empty($user_password)) {
return '<span class="error_span">El Password debe tener un mínimo de 4 caracteres</span>';
} elseif (user_name_exists($user_name) == true && $user_name != $_SESSION['user_name']) {
return '<span class="error_span">Ese número de alumno ya fue utilizado</span>';
} elseif (user_email_exists($user_email) == true && $user_email != $_SESSION['user_email']) {
return '<span class="error_span">Email ya registrado</span>';
} else {
if (empty($user_password)) {
mysql_query("UPDATE " . global_mysql_users_table . " SET user_name='{$user_name}', user_email='{$user_email}' WHERE user_id='{$user_id}'") or die('<span class="error_span"><u>MySQL error:</u> ' . htmlspecialchars(mysql_error()) . '</span>');
} else {
$user_password = encrypt_password($user_password);
mysql_query("UPDATE " . global_mysql_users_table . " SET user_name='{$user_name}', user_email='{$user_email}', user_password='******' WHERE user_id='{$user_id}'") or die('<span class="error_span"><u>MySQL error:</u> ' . htmlspecialchars(mysql_error()) . '</span>');
}
mysql_query("UPDATE " . global_mysql_reservations_table . " SET reservation_user_name='{$user_name}', reservation_user_email='{$user_email}' WHERE reservation_user_id='{$user_id}'") or die('<span class="error_span"><u>MySQL error:</u> ' . htmlspecialchars(mysql_error()) . '</span>');
$_SESSION['user_name'] = $user_name;
$_SESSION['user_email'] = $user_email;
$user_password = strip_salt($user_password);
setcookie(global_cookie_prefix . '_user_email', $user_email, time() + 3600 * 24 * intval(global_remember_login_days));
setcookie(global_cookie_prefix . '_user_password', $user_password, time() + 3600 * 24 * intval(global_remember_login_days));
return 1;
}
}
