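// Page bootstrap for the "Edit your account" form.
// Database connection and site settings are loaded first; both includes are
// assumed not to print anything (they are not part of this listing - confirm).
require('includes/db.php');
require('includes/settings.php');
// session_start() must run before the first byte of page output. Once the header
// template has been echoed PHP can no longer send the session cookie header, and
// unless output buffering happens to be enabled the session fails to load, so the
// login check below would treat every visitor as logged out.
session_start();
echo file_get_contents('template/header.html');
displayTitle("Edit your account");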
if (isset($_SESSION['stagdata_user_id'])) {
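// Collect the values the account form shows (first visit) or submitted (POST).

// The session id is cast to int before it is concatenated into SQL, so the query
// text cannot be altered even if a non-numeric value ever reaches the session.
$userId = (int) $_SESSION['stagdata_user_id'];

// Defaults: later code never reads an undefined variable when a POST field is
// missing or the user row cannot be found.
$username = '';
$name = '';
$email = '';
$password = '';
$repeatPassword = '';
$original_email = '';

// The account's current address is always read from the database. It decides
// whether a confirmation mail is sent and feeds the confirmation link, so a
// request field (which the client controls) is not an acceptable source for it.
$aQuery = mysql_query("SELECT * FROM stagdata_user where id=" . $userId);
$row = $aQuery ? mysql_fetch_array($aQuery) : false;
if ($row) {
    $original_email = $row['email'];
}

if (isset($_POST["submit"])) {
    // isset() ternaries rather than ??: the file uses ext/mysql, which only exists
    // on PHP 5.x, where the null-coalescing operator is unavailable.
    $username = isset($_POST['username']) ? $_POST['username'] : '';
    $name = isset($_POST['name']) ? $_POST['name'] : '';
    $email = isset($_POST['email']) ? $_POST['email'] : '';
    $password = isset($_POST['password']) ? $_POST['password'] : '';
    $repeatPassword = isset($_POST['repeatPassword']) ? $_POST['repeatPassword'] : '';
} elseif ($row) {
    $username = $row['username'];
    $name = $row['name'];
    $email = $row['email'];
    // Sentinel meaning "leave the stored password alone"; the update step skips
    // the password write while this value is unchanged.
    $password = 'NOT_CHANGED';
    $repeatPassword = 'NOT_CHANGED';
}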
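//The complicated Validation
// Runs only for a submitted form. Each failed rule prints its message and sets
// $error; the update step writes nothing while $error is true.
$error = false;
if (isset($_POST["submit"])) {
    // Integer cast keeps the session id from changing the shape of the SQL below.
    $currentUserId = (int) $_SESSION['stagdata_user_id'];

    if (!isset($username) or !is_string($username) or trim($username) === '') {
        echo "Error: You must specify a username!
";
        $error = true;
    } else {
        // $username is request data and lands inside a quoted SQL literal, so it is
        // escaped first. NOTE(review): ext/mysql offers no prepared statements and
        // is removed in PHP 7; moving includes/db.php (not shown) to mysqli or PDO
        // with bound parameters is the durable fix.
        $aQuery = mysql_query("SELECT * FROM stagdata_user where username='" . mysql_real_escape_string($username) . "' and id != " . $currentUserId);
        if ($aQuery and mysql_fetch_array($aQuery)) {
            echo "Error: Username already in use by another user
";
            $error = true;
        }
    }

    if (!isset($password) or $password == "" or $password == " ") {
        echo "Error: You must specify a password!
";
        $error = true;
    } elseif (!isset($repeatPassword) or $repeatPassword == "" or $repeatPassword == " ") {
        echo "Error: You must repeat the password!
";
        $error = true;
    } elseif ($repeatPassword !== $password) {
        // Strict comparison: with != two different numeric-looking strings
        // (for example "1e3" and "1000") compare equal and a mismatch is missed.
        echo "Error: Your passwords do not match!
";
        $error = true;
    }

    if (!isset($email) or !is_string($email) or trim($email) === '') {
        echo "Error: You must specify an email address!
";
        $error = true;
    } elseif (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        // filter_var() replaces the "contains an @ after position 0" test. It also
        // rejects CR/LF, which matters because this value later becomes the mail()
        // recipient.
        echo "Error: Email address does not appear to be valid!
";
        $error = true;
    } else {
        // Exclude the current user in the query itself, matching the username check,
        // instead of inspecting only the first row returned.
        $aQuery = mysql_query("SELECT * FROM stagdata_user where email='" . mysql_real_escape_string($email) . "' and id != " . $currentUserId);
        if ($aQuery and mysql_fetch_array($aQuery)) {
            echo "Error: Email address already in use by another user
";
            $error = true;
        }
    }

    if (!isset($name) or !is_string($name) or trim($name) === '') {
        echo "Error: You must specify a name!
";
        $error = true;
    }
}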
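// Persist a validated submission: profile fields, then the password if it was
// changed, then a confirmation mail when the email address differs.
// NOTE(review): the form markup is not part of this listing; confirm that it
// carries an anti-CSRF token, since this branch changes account credentials on
// the strength of the session cookie alone.
if (isset($_POST["submit"]) and !$error) {
    // Integer cast keeps the session id from changing the shape of the SQL below.
    $accountId = (int) $_SESSION['stagdata_user_id'];

    // $username and $name are request data placed inside quoted SQL literals, so
    // both are escaped. NOTE(review): bound parameters via mysqli/PDO are the
    // durable fix; ext/mysql has none and is removed in PHP 7.
    $sqlQuery = "UPDATE stagdata_user set username='" . mysql_real_escape_string($username) . "', name='" . mysql_real_escape_string($name) . "' where id = " . $accountId;
    if (mysql_query($sqlQuery)) {
        echo "Account updated sucessfully. Click here to return to your account page.
";
    } else {
        echo "Sorry, there has been a problem creating your account, please contact Glenn or FieldIT"; //Glenn please put what you like here!
    }

    // 'NOT_CHANGED' is the sentinel the form is pre-filled with; anything else is
    // a new password.
    if ($password !== 'NOT_CHANGED') {
        // NOTE(review): unsalted MD5 is unsuitable for password storage (fast to
        // brute-force, covered by precomputed tables). password_hash() and
        // password_verify() are the replacement, but the login code that checks
        // this column is not shown, so the stored format is left unchanged here.
        $sqlQuery = "UPDATE stagdata_user set password='" . md5($password) . "' where id = " . $accountId;
        if (mysql_query($sqlQuery)) {
            echo "Password updated sucessfully
";
        } else {
            echo "Sorry, there has been a problem creating your account, please contact Glenn or FieldIT"; //Glenn please put what you like here!
        }
    }

    if ($email != $original_email) {
        // Defence in depth: no line breaks may reach the mail() recipient argument.
        $recipient = str_replace(array("\r", "\n"), '', $email);
        // NOTE(review): the auth value is the MD5 of the account's current email
        // address, which is not a secret - anyone who knows that address can compute
        // it. If email_change_confirm.php (not shown) accepts it as proof, the link
        // proves nothing about control of the new mailbox. A random value from a
        // CSPRNG, stored server-side with an expiry and compared in constant time,
        // is the fix; it needs a storage column and a matching change in that script.
        // urlencode() keeps characters such as '+' or '&' in the address from being
        // reinterpreted as query-string syntax.
        $mail_body = "Please click on the following link to confirm your email address change
" . $http_home_url . "email_change_confirm.php?email=" . urlencode($email) . "&auth=" . md5($original_email) . "&id=" . $accountId;
        $subject = $system_from_subject_prefix . " email change confirmation, please action....";
        // Both header lines are double-quoted so \r\n is a real line break; in single
        // quotes the sequence was appended to the Content-Type header as literal text.
        $header = "From: " . $system_from_name . " <" . $system_from_email . ">\r\n" . "Content-Type: text/html; charset=\"iso-8859-1\"\r\n";
        mail($recipient, $subject, $mail_body, $header);
        echo "Your email address change will be complete once you confirm you new email account
";
    }
}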
?>
} else {
echo "Error: You are not logged in!";
}
?>
echo file_get_contents('template/footer.html'); ?>