Rev 45 |
Go to most recent revision |
Blame |
Compare with Previous |
Last modification |
View Log
| RSS feed
<?php
require '_taios.php';
$page = new Taios_Page
('Update Account');
$userID = $page->getPostID();
$page->checkLoggedIn();
$accessID = $_POST['accessID'];
$password = $_POST['password'];
$email = $_POST['email'];
$name = $_POST['name'];
$user = $page->getUserByID($userID);
if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user)
{
if (isset($accessID) && $page->isUserAdmin($page->getLoggedInUser()))
{
$page->query('UPDATE Users SET AccessID=' . $accessID . ' WHERE ID = ' . $userID);
}
if (!empty($password))
{
$page->query('UPDATE Users SET Password=' . sha1($password) . ' WHERE ID = ' . $userID);
}
}
else
{
if (!$user)
{
drawError
('No such user, #' . $userID);
}
else
{
drawError
('You do not have permission to access this page.');
}
}
$page->redirect('account.php?id=' . $id);
?>