$_SESSION['prefs']['limit'] = $new_limit;
$_SESSION['prefs']['shortcuts']['create'] = $new_sc_create;
$_SESSION['prefs']['shortcuts']['edit'] = $new_sc_edit;
$_SESSION['prefs']['shortcuts']['submit'] = $new_sc_submit;
$_SESSION['prefs']['shortcuts']['todo'] = $new_sc_todo;
$_SESSION['prefs']['close_warning'] = $new_close_warning;
$_SESSION['prefs']['chem_editor'] = $new_chem_editor;
$_SESSION['prefs']['lang'] = $new_lang;
$msg_arr[] = _('Preferences updated.');
}
// END TAB 1
// TAB 2 : ACCOUNT
if (isset($_POST['currpass'])) {
$tab = '2';
// check that we got the good password
if (!$user->checkCredentials($_SESSION['username'], $_POST['currpass'])) {
$msg_arr[] = _("Please input your current password!");
$errflag = true;
$_SESSION['errors'] = $msg_arr;
header("location: ../ucp.php?tab=" . $tab);
exit;
}
// Check USERNAME (sanitize and validate)
if (isset($_POST['username']) && !empty($_POST['username'])) {
$username = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
// Check for duplicate username in DB
$sql = "SELECT * FROM users WHERE username = :username";
$req = $pdo->prepare($sql);
$req->bindParam(':username', $username);
$result = $req->execute();
$data = $req->fetch();
