/**
* This Function will return check multiple aspects of a users information and return true or errors.
* It will replace the uname_OK Function.
*
* @param string $u_name
* @param int $u_id
* @param string $address
* @return Array result{bool} and meessgae{string}
*/
function check_user_info($u_name, $u_id, $address)
{
$results = array('result' => true, 'message' => "");
/** check the u_name **/
if (!check_uname($u_name, $u_id)) {
$results['result'] = false;
$results['message'] .= "The username {" . $u_name . "} is already in use. Please try another.<BR>";
}
/** check the email is OK and not blank **/
$email_error = check_email_address($address);
if ($email_error['error_value']) {
$results['result'] = false;
$results['result'] .= $email_error['error_message'];
}
//displayArray($results);
return $results;
}
// insert into / update tables
$sql = "UPDATE users set passwd=md5('" . $_POST['n_pass'] . "') where user_id=" . $_POST['u_id'];
$result = $db->query($sql);
$_SESSION[$_CONF['sess_name'] . '_password'] = md5($_POST['n_pass']);
$t = "Message...";
$b = "Your password has been updated.<br />\n\t\t\t\t<form action=index.php?lev=" . $_SESSION[$_CONF['sess_name'] . '_lev'] . "&cat=" . $_SESSION[$_CONF['sess_name'] . '_cat'] . " method=POST>\n\t\t\t\t<input type=submit class=submit name=finish value=Continue>\n\t\t\t\t</FORM>";
$main .= make_box($t, $b, "yellow");
} else {
$t = "ERROR...";
$b = "Your passwords did not match. Press your Browser's BACK\n\t\t\t\t\tbutton and please fix. <br />\n\t\t\t\t\tBlank Passwords are not allowed.";
$main .= make_box($t, $b, "red");
}
}
if (isset($_POST['modify_ui'])) {
$email_error = check_email_address($_POST['u_email']);
if (check_uname($_POST['u_name'], $_POST['u_id']) && !$email_error['error_value']) {
$query = "UPDATE users set email='" . $_POST['u_email'] . "', address1='" . $_POST['u_address1'] . "', address2='" . $_POST['u_address2'] . "', city='" . $_POST['u_city'] . "',state='" . strtoupper($_POST['u_state']) . "', zip='" . $_POST['u_zip'] . "', phone='" . $_POST['u_phone'] . "', send_attend_email='" . $_POST['send_attend_email'] . "', weekly_progress='" . $_POST['weekly_progress'] . "'\n\t\t\t\t\tWHERE user_id=" . $_POST['u_id'];
$result = $db->query($query);
$_SESSION[$_CONF['sess_name'] . '_username'] = $_POST['u_name'];
$t = "Message...";
$b = "User Information updated.</FONT><br />\n\t\t\t\t<form action=index.php?lev=" . $_SESSION[$_CONF['sess_name'] . '_lev'] . "&cat=" . $_SESSION[$_CONF['sess_name'] . '_cat'] . " method=POST>\n\t\t\t\t<input type=submit class=submit name=finish value=Continue>\n\t\t\t\t</FORM>";
$main .= make_box($t, $b);
} else {
if ($email_error['error_value']) {
$t = "ERROR...";
$results[result] = false;
$b .= $email_error['error_message'];
$main .= make_box($t, $b, "red");
} else {
$t = "ERROR...";
$b = "That user name is taken. Press your Browser's BACK\n\t\t\t\t\t\tbutton and please fix.";
$message = "User information Updated.<br>";
$color = "blue";
// used to determine which box is drawn
$fname = $_POST['u_fname'];
$lname = $_POST['u_lname'];
$_ERROR = array();
$_ERROR['result'] = false;
$_ERROR['message'] = "";
$checkemail = check_email_address($_POST['u_email']);
if ($checkemail['error_value']) {
$_ERROR['result'] = true;
$_ERROR['message'] .= $checkemail['error_message'] . "<br />";
}
// Teacher cannot change uname, so check to see if it exists.
if (isset($_POST['u_name'])) {
$checkuname = check_uname($_POST['u_name'], $_POST['u_id']);
// true if no match
if (!$checkuname) {
$_ERROR['result'] = true;
$_ERROR['message'] .= "The username {" . $_POST['u_name'] . "} is already in use. Please pick another.<br />";
}
}
if (!$_ERROR['result']) {
$query = "UPDATE users SET first_name='" . $fname . "',last_name='" . $lname . "', email='" . $_POST['u_email'] . "'";
if (isset($_POST['u_name'])) {
$query .= ", u_name='" . $_POST['u_name'] . "'";
}
$query .= ", address1='" . $_POST['u_address1'] . "', address2='" . $_POST['u_address2'] . "', city='" . $_POST['u_city'] . "', state='" . strtoupper($_POST['u_state']) . "', " . "zip='" . $_POST['u_zip'] . "', phone='" . $_POST['u_phone'] . "', send_attend_email='" . $_POST['send_attend_email'] . "', " . "weekly_progress='" . $_POST['weekly_progress'] . "', grade_level='" . $_POST['grade_level'] . "'";
// parents do not get a school
if (isset($_POST['school'])) {
$query .= ",school_id=" . $_POST['school'];
