WebSVN - taios - Blame - Rev 484 - /admin/account-do.php

Rev	Author	Line No.	Line
169	tom	1	<?php
		2
		3	require '../_taios.php';
		4
		5	$page = new Taios_Page('Update Account', '../');
		6	$userID = $page->getPostID();
		7
		8	$page->checkLoggedIn();
		9
		10	$accessID = $_POST['accessID'];
		11	$password = $_POST['password'];
		12	$email = $_POST['email'];
		13	$name = $_POST['name'];
		14
		15	$user = $page->getUserByID($userID);
471	muzer	16	if (($page->getLoggedInUser()->ID == $userID \|\| $page->isUserAdmin($page->getLoggedInUser())) && $user && $page->isUserNormal($page->getLoggedInUser()))
169	tom	17	{
		18	if (isset($accessID) && $page->isUserAdmin($page->getLoggedInUser()))
		19	{
484	muzer	20	$page->query('UPDATE Users SET AccessID = "' . $accessID . '" WHERE ID = "' . $userID . '"');
169	tom	21	}
		22
		23	if (!empty($password))
		24	{
484	muzer	25	$page->query('UPDATE Users SET Password = "' . sha1($password) . '" WHERE ID = "' . $userID . '"');
169	tom	26	}
		27
		28	if (!empty($email))
		29	{
484	muzer	30	$page->query('UPDATE Users SET EmailAddress = "' . $email . '" WHERE ID = "' . $userID . '"');
169	tom	31	}
		32
		33	if (!empty($name))
		34	{
484	muzer	35	$page->query('UPDATE Users SET Name = "' . $name . '" WHERE ID = "' . $userID . '"');
169	tom	36	}
		37	}
		38	else
		39	{
		40	if (!$user)
		41	{
184	tom	42	$page->drawError('No such user, #' . $userID);
169	tom	43	}
		44	else
		45	{
184	tom	46	$page->drawError('You do not have permission to access this page.');
169	tom	47	}
		48	}
		49
		50	$page->redirect('account.php?id=' . $userID);
		51
		52	?>
		53

Subversion Repositories taios