Rev 46 | Rev 184 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
32 | tom | 1 | <?php |
2 | |||
46 | tom | 3 | require '../_taios.php'; |
32 | tom | 4 | |
46 | tom | 5 | $page = new Taios_Page('Update Account', '../'); |
32 | tom | 6 | $userID = $page->getPostID(); |
7 | |||
8 | $page->checkLoggedIn(); |
||
9 | |||
10 | $accessID = $_POST['accessID']; |
||
11 | $password = $_POST['password']; |
||
12 | $email = $_POST['email']; |
||
13 | $name = $_POST['name']; |
||
14 | |||
15 | $user = $page->getUserByID($userID); |
||
16 | if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user) |
||
17 | { |
||
18 | if (isset($accessID) && $page->isUserAdmin($page->getLoggedInUser())) |
||
19 | { |
||
45 | tom | 20 | $page->query('UPDATE Users SET AccessID = "' . $accessID . '" WHERE ID = ' . $userID); |
32 | tom | 21 | } |
22 | |||
23 | if (!empty($password)) |
||
24 | { |
||
45 | tom | 25 | $page->query('UPDATE Users SET Password = "' . sha1($password) . '" WHERE ID = ' . $userID); |
32 | tom | 26 | } |
45 | tom | 27 | |
28 | if (!empty($email)) |
||
29 | { |
||
30 | $page->query('UPDATE Users SET EmailAddress = "' . $email . '" WHERE ID = ' . $userID); |
||
31 | } |
||
32 | |||
33 | if (!empty($name)) |
||
34 | { |
||
35 | $page->query('UPDATE Users SET Name = "' . $name . '" WHERE ID = ' . $userID); |
||
36 | } |
||
32 | tom | 37 | } |
38 | else |
||
39 | { |
||
40 | if (!$user) |
||
41 | { |
||
42 | drawError('No such user, #' . $userID); |
||
43 | } |
||
44 | else |
||
45 | { |
||
46 | drawError('You do not have permission to access this page.'); |
||
47 | } |
||
48 | } |
||
49 | |||
45 | tom | 50 | $page->redirect('account.php?id=' . $userID); |
32 | tom | 51 | |
52 | ?> |
||
70 | tom | 53 |