public function updateAccount($accountID, $info) { $L = Core::$language->getCurrentLanguageStrings(); $dbLink = Core::$db->getDBLink(); $accountID = mysqli_real_escape_string($dbLink, $accountID); $prefix = Core::getDbTablePrefix(); if (empty($accountID) || !is_numeric($accountID)) { return array("success" => false, "errorCode" => ErrorCodes::INVALID_PARAMS, "errorMsg" => $L["invalid_account_id"]); } $firstName = $info["firstName"]; $lastName = $info["lastName"]; $email = $info["email"]; $passwordClause = ""; if (isset($info["password"]) && !empty($info["password"])) { $encryptionSalt = Core::getEncryptionSalt(); $encryptedPassword = crypt($info["password"], $encryptionSalt); $passwordClause = ", password = '******'"; } $response = Core::$db->query("\n\t\t\tUPDATE {$prefix}user_accounts\n\t\t\tSET first_name = '{$firstName}',\n\t\t\t\tlast_name = '{$lastName}',\n\t\t\t\temail = '{$email}'\n\t\t\t\t{$passwordClause}\n\t\t\tWHERE account_id = {$accountID}\n\t\t"); if ($response["success"]) { $this->getCurrentUser($accountID); return array("success" => true); } else { // TODO } }