From b658ee7d6a31bfcdfa2044f18f10c2ba1a459283 Mon Sep 17 00:00:00 2001
From: Paul J R
Date: Fri, 28 Sep 2012 09:02:13 +1000
Subject: [PATCH] user details updates works
---
 gwvpmini/gwvpmini_db.php | 33 +++++++++++++
 gwvpmini/gwvpmini_user.php | 115 +++++++++++++++++++++++++++++++++++++++++--
 2 files changed, 142 insertions(+), 6 deletions(-)
diff --git a/gwvpmini/gwvpmini_db.php b/gwvpmini/gwvpmini_db.php
index 884f496..c241b4c 100644
--- a/gwvpmini/gwvpmini_db.php
+++ b/gwvpmini/gwvpmini_db.php
@@ -252,6 +252,39 @@ function gwvpmini_RemoveUser($uid)
 return $conn->query($sql);
 }
+function gwvpmini_UpdateUserEmail($uid, $email)
+{
+ $conn = gwvpmini_ConnectDB();
+
+ if($uid < 0) return;
+
+ $sql = "update users set user_email='$email' where user_id='$uid'";
+
+ return $conn->query($sql);
+}
+
+function gwvpmini_UpdateUserDesc($uid, $desc)
+{
+ $conn = gwvpmini_ConnectDB();
+
+ if($uid < 0) return;
+
+ $sql = "update users set user_desc='$desc' where user_id='$uid'";
+
+ return $conn->query($sql);
+}
+
+function gwvpmini_UpdateUserPassword($uid, $pass)
+{
+ $conn = gwvpmini_ConnectDB();
+
+ if($uid < 0) return;
+
+ $sql = "update users set user_password='".sha1($pass)."' where user_id='$uid'";
+
+ return $conn->query($sql);
+}
+
 function gwvpmini_DisableUser($uid)
 {
 $conn = gwvpmini_ConnectDB();
diff --git a/gwvpmini/gwvpmini_user.php b/gwvpmini/gwvpmini_user.php
index f2efe02..ec7aba5 100644
--- a/gwvpmini/gwvpmini_user.php
+++ b/gwvpmini/gwvpmini_user.php
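Review bot: In gwvpmini_db.php, gwvpmini_UpdateUserEmail and gwvpmini_UpdateUserDesc build the UPDATE by interpolating `$email` and `$desc` into the SQL string, and the handlers added to gwvpmini_user.php in this same patch pass `$_REQUEST` values to them unescaped, so request data becomes part of the statement. Bind the values instead, for example `$stmt = $conn->prepare("update users set user_email=? where user_id=?"); return $stmt->execute(array($email, $uid));` if gwvpmini_ConnectDB() returns a PDO handle (its definition is outside this hunk), and do the same for the other two functions. gwvpmini_UpdateUserPassword stores an unsalted `sha1($pass)`; a salted, slow hash such as `password_hash()` (where the PHP version provides it) is the safer storage, with the matching change in gwvpmini_authUserPass, which this patch does not show. The `if($uid < 0) return;` guard also does not stop a `false` result from a failed user lookup, because `false < 0` is false.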
@@ -48,8 +48,20 @@ function gwvpmini_UserViewCallMe()
 if(!gwvpmini_GetUserId($user_view_call)) {
 gwvpmini_SendMessage("error", "No such user, $user_view_call");
 return false;
+ } else {
+ if(isset($qspl[2])) {
+ if($qspl[2] == "updateuserdesc") {
+ return "gwvpmini_ViewUpdateUserDesc";
+ }
+ if($qspl[2] == "updateuserpassword") {
+ return "gwvpmini_ViewUpdateUserPassword";
+ }
+ if($qspl[2] == "updateuseremail") {
+ return "gwvpmini_ViewUpdateUserEmail";
+ }
+ }
+ return "gwvpmini_UserViewPage";
 }
- return "gwvpmini_UserViewPage";
 } else return false;
 } else return false;
 }
@@ -91,13 +103,13 @@ function gwvpmini_UserViewPageBody() } if($isme || gwvpmini_isUserAdmin()) { - echo "
"; + echo ""; echo "Your Description

"; echo ""; echo "
"; echo "

New Password

"; - echo "
"; + echo ""; echo ""; if($isme) echo ""; echo ""; @@ -106,9 +118,9 @@ function gwvpmini_UserViewPageBody() echo ""; echo "

New Email Address

"; - echo ""; - echo "
Old Password
New Password
"; - echo "
New Email Address
Confirm New Email Address
"; + echo ""; + echo ""; + echo "
New Email Address
Confirm New Email Address
"; echo ""; echo ""; } else { 
@@ -116,4 +128,95 @@ function gwvpmini_UserViewPageBody()
 }
 }
+function gwvpmini_ViewUpdateUserPassword()
+{
+ global $user_view_call, $BASE_URL;
+
+ $newpass1 = $_REQUEST["newpassword1"];
+ $newpass2 = $_REQUEST["newpassword2"];
+ $oldpass = $_REQUEST["oldpassword"];
+
+ $authd = gwvpmini_authUserPass($user_view_call, $oldpass);
+
+ $doupdate = false;
+
+ if(isset($_SESSION["username"])) if($_SESSION["username"] == $user_view_call && $authd !== false) {
+ $doupdate = true;
+ }
+
+ if(gwvpmini_isUserAdmin()) {
+ $doupdate = true;
+ }
+
+
+ if($newpass1 != $newpass2) {
+ gwvpmini_SendMessage("error", "Password and confirmation dont match");
+ } else if(!$doupdate) {
+ gwvpmini_SendMessage("error", "Could not update user desc, are you logged in?");
+ } else {
+ // do update
+ $uid = gwvpmini_GetUserId($user_view_call);
+ gwvpmini_UpdateUserPassword($uid, $newpass1);
+ gwvpmini_SendMessage("info", "Password Updated");
+ }
+
+ header("Location: $BASE_URL/user/$user_view_call");
+}
+
+function gwvpmini_ViewUpdateUserDesc()
+{
+ global $user_view_call, $BASE_URL;
+
+ $newdesc = $_REQUEST["desc"];
+ $doupdate = false;
+
+ if(isset($_SESSION["username"])) if($_SESSION["username"] == $user_view_call) {
+ $doupdate = true;
+ }
+
+ if(gwvpmini_isUserAdmin()) {
+ $doupdate = true;
+ }
+
+ if(!$doupdate) {
+ gwvpmini_SendMessage("error", "Could not update user desc, are you logged in?");
+ } else {
+ $uid = gwvpmini_GetUserId($user_view_call);
+ gwvpmini_UpdateUserDesc($uid, $newdesc);
+ gwvpmini_SendMessage("info", "Description Updated");
+ }
+
+ header("Location: $BASE_URL/user/$user_view_call");
+ }
+
+function gwvpmini_ViewUpdateUserEmail()
+{
+ global $user_view_call, $BASE_URL;
+
+ $newem1 = $_REQUEST["newemail1"];
+ $newem2 = $_REQUEST["newemail2"];
+ $doupdate = false;
+
+ if(isset($_SESSION["username"])) if($_SESSION["username"] == $user_view_call) {
+ $doupdate = true;
+ }
+
+ if(gwvpmini_isUserAdmin()) {
+ $doupdate = true;
+ }
+
+ if($newem1 != $newem2) {
+ gwvpmini_SendMessage("error", "Email and confirmation did not match");
+ } else if(!$doupdate) {
+ gwvpmini_SendMessage("error", "Could not update user desc, are you logged in?");
+ } else {
+ $uid = gwvpmini_GetUserId($user_view_call);
+ gwvpmini_UpdateUserEmail($uid, $newem1);
+ gwvpmini_SendMessage("info", "Email Address Updated");
+ }
+
+ header("Location: $BASE_URL/user/$user_view_call");
+
+
+}
+ ?>
\ No newline at end of file
--
1.7.0.4
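Review bot: gwvpmini_ViewUpdateUserPassword, gwvpmini_ViewUpdateUserDesc and gwvpmini_ViewUpdateUserEmail take their input from `$_REQUEST` and authorise on the session alone, so a state-changing request arriving by GET or from another site in a logged-in browser is accepted; no request-method check or anti-CSRF token is visible in this hunk. The exposure is largest in the password handler, where the `gwvpmini_isUserAdmin()` branch sets `$doupdate = true` without a valid old password. These handlers should read from `$_POST`, reject other methods, and verify a per-session token that the forms embed (the form markup is not readable on this page, so the matching hidden field may need adding there). Separately, when the password fields are absent `$newpass1 != $newpass2` compares null with null and passes, which stores the hash of an empty password; treat `!isset($_REQUEST["newpassword1"]) || $_REQUEST["newpassword1"] === ""` as an error and use `!==` for the confirmation check. The password and email handlers also reuse the "Could not update user desc" message, which should name the field actually being updated.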