Rev 484 | Rev 502 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
169 | tom | 1 | <?php |
2 | |||
3 | require '../_taios.php'; |
||
4 | |||
5 | $page = new Taios_Page('Update Account', '../'); |
||
6 | $userID = $page->getPostID(); |
||
7 | |||
8 | $page->checkLoggedIn(); |
||
9 | |||
10 | $accessID = $_POST['accessID']; |
||
11 | $password = $_POST['password']; |
||
12 | $email = $_POST['email']; |
||
13 | $name = $_POST['name']; |
||
14 | |||
15 | $user = $page->getUserByID($userID); |
||
492 | tom | 16 | if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user && $page->isUserNormal($page->getLoggedInUser())) { |
17 | if (isset($accessID) && $page->isUserAdmin($page->getLoggedInUser())) { |
||
18 | $page->query("UPDATE Users SET AccessID = ? WHERE ID = ?", array($accessID, $userID)); |
||
169 | tom | 19 | } |
20 | |||
492 | tom | 21 | if (!empty($password)) { |
22 | $page->query("UPDATE Users SET Password = ? WHERE ID = ?", array(sha1($password), $userID)); |
||
169 | tom | 23 | } |
24 | |||
492 | tom | 25 | if (!empty($email)) { |
26 | $page->query("UPDATE Users SET EmailAddress = ? WHERE ID = ?", array($email, $userID)); |
||
169 | tom | 27 | } |
28 | |||
492 | tom | 29 | if (!empty($name)) { |
30 | $page->query("UPDATE Users SET Name = ? WHERE ID = ?", array($name, $userID)); |
||
169 | tom | 31 | } |
492 | tom | 32 | } else { |
33 | if (!$user) { |
||
184 | tom | 34 | $page->drawError('No such user, #' . $userID); |
492 | tom | 35 | } else { |
184 | tom | 36 | $page->drawError('You do not have permission to access this page.'); |
169 | tom | 37 | } |
38 | } |
||
39 | |||
40 | $page->redirect('account.php?id=' . $userID); |
||
41 | |||
42 | ?> |
||
43 |