Subversion Repositories taios

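<?php

/**
 * POST handler for the "Update Account" form.
 *
 * Reads the target user ID via getPostID() and the optional accessID,
 * password, email and name fields from $_POST, applies each supplied field
 * with its own parameterized UPDATE, then redirects to account.php.
 *
 * NOTE(review): no anti-CSRF token check is visible in this file. Confirm that
 * checkLoggedIn() or the shared include validates one, because every branch
 * below changes account state.
 */

require '../_taios.php';

$page = new Taios_Page('Update Account', '../');
$userID = $page->getPostID();

$page->checkLoggedIn();

// Read the optional fields without touching undefined indexes. An absent field
// becomes null, which the isset()/empty() checks below treat as "not supplied".
$accessID = isset($_POST['accessID']) ? $_POST['accessID'] : null;
$password = isset($_POST['password']) ? $_POST['password'] : null;
$email = isset($_POST['email']) ? $_POST['email'] : null;
$name = isset($_POST['name']) ? $_POST['name'] : null;

$user = $page->getUserByID($userID);
$currentUser = $page->getLoggedInUser();

// Authorization: the caller must be the target user or an admin, the target
// must exist, and isUserNormal() must hold for the caller.
// NOTE(review): the ID comparison is loose (==); confirm getPostID() returns a
// canonical integer so differently spelled numeric strings cannot match.
if (($currentUser->ID == $userID || $page->isUserAdmin($currentUser)) && $user && $page->isUserNormal($currentUser)) {
    // Only an admin may change the access level, including on their own account.
    if (isset($accessID) && $page->isUserAdmin($currentUser)) {
        $page->query("UPDATE Users SET AccessID = ? WHERE ID = ?", array($accessID, $userID));
    }

    if (!empty($password)) {
        // NOTE(review): the salt is the username plus a fixed suffix, so it is
        // predictable and identical on every password change for the account.
        // A fresh CSPRNG value per change, or password_hash()/password_verify(),
        // would be stronger. Either depends on how the login path and
        // saltAndBurn() use the stored Salt column, so confirm before changing.
        // NOTE(review): the current password is not requested before a user
        // replaces their own password, and no minimum strength is enforced here.
        $salt = $user->username . "sheeps";
        $page->query("UPDATE Users SET Password = ?, Salt = ? WHERE ID = ?", array($page->saltAndBurn($password, $salt), $salt, $userID));
    }

    if (!empty($email)) {
        // NOTE(review): the address is stored as submitted; confirm it is
        // validated and escaped wherever it is later used or displayed.
        $page->query("UPDATE Users SET EmailAddress = ? WHERE ID = ?", array($email, $userID));
    }

    if (!empty($name)) {
        // NOTE(review): stored as submitted; output escaping must happen at display time.
        $page->query("UPDATE Users SET Name = ? WHERE ID = ?", array($name, $userID));
    }
} else {
    // NOTE(review): $userID is request-derived. Confirm getPostID() restricts
    // it to an integer or that drawError() escapes its message.
    if (!$user) {
        $page->drawError('No such user, #' . $userID);
    } else {
        $page->drawError('You do not have permission to access this page.');
    }
}

// NOTE(review): this redirect also runs after drawError() unless drawError()
// ends the request; confirm the error is not lost.
// The ID is encoded so a non-numeric value cannot add query parameters.
$page->redirect('account.php?id=' . rawurlencode((string) $userID));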