Subversion Repositories taios

Rev

Rev 492 | Rev 505 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
169 tom 1
<?php
2
 
3
require '../_taios.php';
4
 
5
$page = new Taios_Page('Update Account', '../');
6
$userID = $page->getPostID();
7
 
8
$page->checkLoggedIn();
9
 
10
$accessID = $_POST['accessID'];
11
$password = $_POST['password'];
12
$email = $_POST['email'];
13
$name = $_POST['name'];
502 freddie 14
$salt = $name + "sheeps";
169 tom 15
 
16
$user = $page->getUserByID($userID);
492 tom 17
if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user && $page->isUserNormal($page->getLoggedInUser())) {
18
    if (isset($accessID) && $page->isUserAdmin($page->getLoggedInUser())) {
19
        $page->query("UPDATE Users SET AccessID = ? WHERE ID = ?", array($accessID, $userID));
169 tom 20
    }
21
 
492 tom 22
    if (!empty($password)) {
502 freddie 23
        $page->query("UPDATE Users SET Password = ? WHERE ID = ?", array($page->saltAndBurn($password, $salt), $userID));
169 tom 24
    }
25
 
492 tom 26
    if (!empty($email)) {
27
        $page->query("UPDATE Users SET EmailAddress = ? WHERE ID = ?", array($email, $userID));
169 tom 28
    }
29
 
492 tom 30
    if (!empty($name)) {
31
        $page->query("UPDATE Users SET Name = ? WHERE ID = ?", array($name, $userID));
169 tom 32
    }
492 tom 33
} else {
34
    if (!$user) {
184 tom 35
        $page->drawError('No such user, #' . $userID);
492 tom 36
    } else {
184 tom 37
        $page->drawError('You do not have permission to access this page.');
169 tom 38
    }
39
}
40
 
41
$page->redirect('account.php?id=' . $userID);
42
 
43
?>
44