Subversion Repositories taios

Rev

Rev 471 | Rev 502 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
169 tom 1
<?php
2
 
3
require '../_taios.php';
4
 
5
$page = new Taios_Page('Update Account', '../');
6
$userID = $page->getPostID();
7
 
8
$page->checkLoggedIn();
9
 
10
$accessID = $_POST['accessID'];
11
$password = $_POST['password'];
12
$email = $_POST['email'];
13
$name = $_POST['name'];
14
 
15
$user = $page->getUserByID($userID);
471 muzer 16
if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user && $page->isUserNormal($page->getLoggedInUser()))
169 tom 17
{
18
    if (isset($accessID) && $page->isUserAdmin($page->getLoggedInUser()))
19
    {
484 muzer 20
        $page->query('UPDATE Users SET AccessID = "' . $accessID . '" WHERE ID = "' . $userID . '"');
169 tom 21
    }
22
 
23
    if (!empty($password))
24
    {
484 muzer 25
        $page->query('UPDATE Users SET Password = "' . sha1($password) . '" WHERE ID = "' . $userID . '"');
169 tom 26
    }
27
 
28
    if (!empty($email))
29
    {
484 muzer 30
        $page->query('UPDATE Users SET EmailAddress = "' . $email . '" WHERE ID = "' . $userID . '"');
169 tom 31
    }
32
 
33
    if (!empty($name))
34
    {
484 muzer 35
        $page->query('UPDATE Users SET Name = "' . $name . '" WHERE ID = "' . $userID . '"');
169 tom 36
    }
37
}
38
else
39
{
40
    if (!$user)
41
    {
184 tom 42
        $page->drawError('No such user, #' . $userID);
169 tom 43
    }
44
    else
45
    {
184 tom 46
        $page->drawError('You do not have permission to access this page.');
169 tom 47
    }
48
}
49
 
50
$page->redirect('account.php?id=' . $userID);
51
 
52
?>
53