Subversion Repositories taios

Rev

Rev 471 | Rev 492 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed

<?php

require '../_taios.php';

$page = new Taios_Page('Update Account', '../');
$userID = $page->getPostID();

$page->checkLoggedIn();

$accessID = $_POST['accessID'];
$password = $_POST['password'];
$email = $_POST['email'];
$name = $_POST['name'];

$user = $page->getUserByID($userID);
if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user && $page->isUserNormal($page->getLoggedInUser()))
{
    if (isset($accessID) && $page->isUserAdmin($page->getLoggedInUser()))
    {
        $page->query('UPDATE Users SET AccessID = "' . $accessID . '" WHERE ID = "' . $userID . '"');
    }
   
    if (!empty($password))
    {
        $page->query('UPDATE Users SET Password = "' . sha1($password) . '" WHERE ID = "' . $userID . '"');
    }
   
    if (!empty($email))
    {
        $page->query('UPDATE Users SET EmailAddress = "' . $email . '" WHERE ID = "' . $userID . '"');
    }
   
    if (!empty($name))
    {
        $page->query('UPDATE Users SET Name = "' . $name . '" WHERE ID = "' . $userID . '"');
    }
}
else
{
    if (!$user)
    {
        $page->drawError('No such user, #' . $userID);
    }
    else
    {
        $page->drawError('You do not have permission to access this page.');
    }
}

$page->redirect('account.php?id=' . $userID);

?>