Subversion Repositories taios

Rev

Rev 505 | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
169 tom 1 
<?php
2 
 
3 
require '../_taios.php';
4 
 
5 
$page = new Taios_Page('Update Account', '../');
6 
$userID = $page->getPostID();
7 
 
8 
$page->checkLoggedIn();
9 
 
10 
$accessID = $_POST['accessID'];
11 
$password = $_POST['password'];
12 
$email = $_POST['email'];
13 
$name = $_POST['name'];
14 
 
15 
$user = $page->getUserByID($userID);
492 tom 16 
if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user && $page->isUserNormal($page->getLoggedInUser())) {
17 
    if (isset($accessID) && $page->isUserAdmin($page->getLoggedInUser())) {
18 
        $page->query("UPDATE Users SET AccessID = ? WHERE ID = ?", array($accessID, $userID));
169 tom 19 
    }
20 
 
492 tom 21 
    if (!empty($password)) {
506 freddie 22 
        $salt = $user->username . "sheeps";
504 freddie 23 
        $page->query("UPDATE Users SET Password = ?, Salt = ? WHERE ID = ?", array($page->saltAndBurn($password, $salt), $salt, $userID));
169 tom 24 
    }
25 
 
492 tom 26 
    if (!empty($email)) {
27 
        $page->query("UPDATE Users SET EmailAddress = ? WHERE ID = ?", array($email, $userID));
169 tom 28 
    }
29 
 
492 tom 30 
    if (!empty($name)) {
31 
        $page->query("UPDATE Users SET Name = ? WHERE ID = ?", array($name, $userID));
169 tom 32 
    }
492 tom 33 
} else {
34 
    if (!$user) {
184 tom 35 
        $page->drawError('No such user, #' . $userID);
492 tom 36 
    } else {
184 tom 37 
        $page->drawError('You do not have permission to access this page.');
169 tom 38 
    }
39 
}
40 
 
41 
$page->redirect('account.php?id=' . $userID);
42 
 
43 
?>
44