Rev 70 | Rev 184 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
169 | tom | 1 | <?php |
2 | |||
3 | require '../_taios.php'; |
||
4 | |||
5 | $page = new Taios_Page('Update Account', '../'); |
||
6 | $userID = $page->getPostID(); |
||
7 | |||
8 | $page->checkLoggedIn(); |
||
9 | |||
10 | $accessID = $_POST['accessID']; |
||
11 | $password = $_POST['password']; |
||
12 | $email = $_POST['email']; |
||
13 | $name = $_POST['name']; |
||
14 | |||
15 | $user = $page->getUserByID($userID); |
||
16 | if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user) |
||
17 | { |
||
18 | if (isset($accessID) && $page->isUserAdmin($page->getLoggedInUser())) |
||
19 | { |
||
20 | $page->query('UPDATE Users SET AccessID = "' . $accessID . '" WHERE ID = ' . $userID); |
||
21 | } |
||
22 | |||
23 | if (!empty($password)) |
||
24 | { |
||
25 | $page->query('UPDATE Users SET Password = "' . sha1($password) . '" WHERE ID = ' . $userID); |
||
26 | } |
||
27 | |||
28 | if (!empty($email)) |
||
29 | { |
||
30 | $page->query('UPDATE Users SET EmailAddress = "' . $email . '" WHERE ID = ' . $userID); |
||
31 | } |
||
32 | |||
33 | if (!empty($name)) |
||
34 | { |
||
35 | $page->query('UPDATE Users SET Name = "' . $name . '" WHERE ID = ' . $userID); |
||
36 | } |
||
37 | } |
||
38 | else |
||
39 | { |
||
40 | if (!$user) |
||
41 | { |
||
42 | drawError('No such user, #' . $userID); |
||
43 | } |
||
44 | else |
||
45 | { |
||
46 | drawError('You do not have permission to access this page.'); |
||
47 | } |
||
48 | } |
||
49 | |||
50 | $page->redirect('account.php?id=' . $userID); |
||
51 | |||
52 | ?> |
||
53 |