Rev 169 | Rev 471 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 169 | tom | 1 | <?php |
| 2 | |||
| 3 | require '../_taios.php'; |
||
| 4 | |||
| 5 | $page = new Taios_Page('Update Account', '../'); |
||
| 6 | $userID = $page->getPostID(); |
||
| 7 | |||
| 8 | $page->checkLoggedIn(); |
||
| 9 | |||
| 10 | $accessID = $_POST['accessID']; |
||
| 11 | $password = $_POST['password']; |
||
| 12 | $email = $_POST['email']; |
||
| 13 | $name = $_POST['name']; |
||
| 14 | |||
| 15 | $user = $page->getUserByID($userID); |
||
| 16 | if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user) |
||
| 17 | { |
||
| 18 | if (isset($accessID) && $page->isUserAdmin($page->getLoggedInUser())) |
||
| 19 | { |
||
| 20 | $page->query('UPDATE Users SET AccessID = "' . $accessID . '" WHERE ID = ' . $userID); |
||
| 21 | } |
||
| 22 | |||
| 23 | if (!empty($password)) |
||
| 24 | { |
||
| 25 | $page->query('UPDATE Users SET Password = "' . sha1($password) . '" WHERE ID = ' . $userID); |
||
| 26 | } |
||
| 27 | |||
| 28 | if (!empty($email)) |
||
| 29 | { |
||
| 30 | $page->query('UPDATE Users SET EmailAddress = "' . $email . '" WHERE ID = ' . $userID); |
||
| 31 | } |
||
| 32 | |||
| 33 | if (!empty($name)) |
||
| 34 | { |
||
| 35 | $page->query('UPDATE Users SET Name = "' . $name . '" WHERE ID = ' . $userID); |
||
| 36 | } |
||
| 37 | } |
||
| 38 | else |
||
| 39 | { |
||
| 40 | if (!$user) |
||
| 41 | { |
||
| 184 | tom | 42 | $page->drawError('No such user, #' . $userID); |
| 169 | tom | 43 | } |
| 44 | else |
||
| 45 | { |
||
| 184 | tom | 46 | $page->drawError('You do not have permission to access this page.'); |
| 169 | tom | 47 | } |
| 48 | } |
||
| 49 | |||
| 50 | $page->redirect('account.php?id=' . $userID); |
||
| 51 | |||
| 52 | ?> |
||
| 53 |