return $conn->query($sql);
}
+function gwvpmini_UpdateUserEmail($uid, $email)
+{
+ $conn = gwvpmini_ConnectDB();\r
+ \r
+ if($uid < 0) return;\r
+ \r
+ $sql = "update users set user_email='$email' where user_id='$uid'";\r
+ \r
+ return $conn->query($sql);
+}
+
+function gwvpmini_UpdateUserDesc($uid, $desc)\r
+{\r
+ $conn = gwvpmini_ConnectDB();\r
+\r
+ if($uid < 0) return;\r
+\r
+ $sql = "update users set user_desc='$desc' where user_id='$uid'";\r
+\r
+ return $conn->query($sql);\r
+}\r
+
+function gwvpmini_UpdateUserPassword($uid, $pass)
+{
+ $conn = gwvpmini_ConnectDB();
+
+ if($uid < 0) return;
+
+ $sql = "update users set user_password='".sha1($pass)."' where user_id='$uid'";
+
+ return $conn->query($sql);
+}
+
function gwvpmini_DisableUser($uid)\r
{\r
$conn = gwvpmini_ConnectDB();\r
if(!gwvpmini_GetUserId($user_view_call)) {
gwvpmini_SendMessage("error", "No such user, $user_view_call");
return false;
+ } else {
+ if(isset($qspl[2])) {
+ if($qspl[2] == "updateuserdesc") {
+ return "gwvpmini_ViewUpdateUserDesc";
+ }
+ if($qspl[2] == "updateuserpassword") {\r
+ return "gwvpmini_ViewUpdateUserPassword";\r
+ }\r
+ if($qspl[2] == "updateuseremail") {
+ return "gwvpmini_ViewUpdateUserEmail";
+ }
+ }
+ return "gwvpmini_UserViewPage";
}
- return "gwvpmini_UserViewPage";
} else return false;
} else return false;
}
}
if($isme || gwvpmini_isUserAdmin()) {
- echo "<form method=\"post\" action=\"$BASE_URL/user/updateuserdesc\">";
+ echo "<form method=\"post\" action=\"$BASE_URL/user/$user_view_call/updateuserdesc\">";
echo "Your Description<br><textarea name=\"desc\" cols=\"100\" rows=\"4\">".$dets["desc"]."</textarea><br>";
echo "<input type=\"submit\" name=\"Update\" value=\"Update\">";
echo "</form>";
echo "<h3>New Password</h3>";
- echo "<form method=\"post\" action=\"$BASE_URL/user/updateuserpassword\">";
+ echo "<form method=\"post\" action=\"$BASE_URL/user/$user_view_call/updateuserpassword\">";
echo "<table>";
if($isme) echo "<tr><td>Old Password</td><td><input type=\"password\" name=\"oldpassword\"></td></tr>";
echo "<tr><td>New Password</td><td><input type=\"password\" name=\"newpassword1\"></td></tr>";
echo "</form>";
echo "<h3>New Email Address</h3>";
- echo "<form method=\"post\" action=\"$BASE_URL/user/updateuseremail\">";
- echo "<table><tr><td>New Email Address</td><td><input type=\"password\" name=\"newemail1\"></td></tr>";
- echo "<tr><td>Confirm New Email Address</td><td><input type=\"password\" name=\"newemail2\"></td></tr></table>";
+ echo "<form method=\"post\" action=\"$BASE_URL/user/$user_view_call/updateuseremail\">";
+ echo "<table><tr><td>New Email Address</td><td><input type=\"text\" name=\"newemail1\"></td></tr>";
+ echo "<tr><td>Confirm New Email Address</td><td><input type=\"text\" name=\"newemail2\"></td></tr></table>";
echo "<input type=\"submit\" name=\"Update\" value=\"Update\">";
echo "</form>";
} else {
}
}
+function gwvpmini_ViewUpdateUserPassword()
+{
+ global $user_view_call, $BASE_URL;
+
+ $newpass1 = $_REQUEST["newpassword1"];
+ $newpass2 = $_REQUEST["newpassword2"];
+ $oldpass = $_REQUEST["oldpassword"];
+
+ $authd = gwvpmini_authUserPass($user_view_call, $oldpass);\r
+
+ $doupdate = false;
+
+ if(isset($_SESSION["username"])) if($_SESSION["username"] == $user_view_call && $authd !== false) {
+ $doupdate = true;
+ }
+
+ if(gwvpmini_isUserAdmin()) {
+ $doupdate = true;
+ }
+
+
+ if($newpass1 != $newpass2) {
+ gwvpmini_SendMessage("error", "Password and confirmation dont match");
+ } else if(!$doupdate) {
+ gwvpmini_SendMessage("error", "Could not update user desc, are you logged in?");
+ } else {
+ // do update
+ $uid = gwvpmini_GetUserId($user_view_call);
+ gwvpmini_UpdateUserPassword($uid, $newpass1);
+ gwvpmini_SendMessage("info", "Password Updated");
+ }
+
+ header("Location: $BASE_URL/user/$user_view_call");
+}
+
+function gwvpmini_ViewUpdateUserDesc()
+{
+ global $user_view_call, $BASE_URL;
+
+ $newdesc = $_REQUEST["desc"];
+ $doupdate = false;
+
+ if(isset($_SESSION["username"])) if($_SESSION["username"] == $user_view_call) {
+ $doupdate = true;
+ }
+
+ if(gwvpmini_isUserAdmin()) {
+ $doupdate = true;
+ }
+
+ if(!$doupdate) {
+ gwvpmini_SendMessage("error", "Could not update user desc, are you logged in?");
+ } else {
+ $uid = gwvpmini_GetUserId($user_view_call);\r
+ gwvpmini_UpdateUserDesc($uid, $newdesc);
+ gwvpmini_SendMessage("info", "Description Updated");
+ }
+
+ header("Location: $BASE_URL/user/$user_view_call");
+ }
+
+function gwvpmini_ViewUpdateUserEmail()
+{
+ global $user_view_call, $BASE_URL;\r
+ \r
+ $newem1 = $_REQUEST["newemail1"];
+ $newem2 = $_REQUEST["newemail2"];
+ $doupdate = false;\r
+ \r
+ if(isset($_SESSION["username"])) if($_SESSION["username"] == $user_view_call) {\r
+ $doupdate = true;\r
+ }\r
+ \r
+ if(gwvpmini_isUserAdmin()) {\r
+ $doupdate = true;\r
+ }\r
+
+ if($newem1 != $newem2) {
+ gwvpmini_SendMessage("error", "Email and confirmation did not match");
+ } else if(!$doupdate) {\r
+ gwvpmini_SendMessage("error", "Could not update user desc, are you logged in?");\r
+ } else {\r
+ $uid = gwvpmini_GetUserId($user_view_call);\r
+ gwvpmini_UpdateUserEmail($uid, $newem1);
+ gwvpmini_SendMessage("info", "Email Address Updated");\r
+ }\r
+ \r
+ header("Location: $BASE_URL/user/$user_view_call");\r
+
+}
+
?>
\ No newline at end of file
projects / gwvp-mini.git / commitdiff