From d895b852a6e160496ffc760d46d3719a3d62ff86 Mon Sep 17 00:00:00 2001
From: Nathan Kinkade
Date: Sun, 3 Feb 2008 23:23:24 +0000
Subject: Initial checkin of nutridb.org and basic subversion directory structure
---
edit_account.php | 138 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 138 insertions(+)
create mode 100644 edit_account.php
(limited to 'edit_account.php')
diff --git a/edit_account.php b/edit_account.php
new file mode 100644
index 0000000..0555b54
--- /dev/null
+++ b/edit_account.php
@@ -0,0 +1,138 @@
+You must specify a login name.";
+ header("Location: {$config->_previousUri}");
+ exit;
+ } else {
+ $username = trim($_POST['username']);
+ if ( strlen($username) < 5 ) {
+ $_SESSION['systemMsg'] = "The login name must contain at least 5 characters.";
+ header("Location: {$config->_previousUri}");
+ exit;
+ }
+ }
+
+ # if the user submitted a new password then validate the fields
+ if ( isset($_POST['password']) && ("" != trim($_POST['password'])) ) {
+ $password = trim($_POST['password']);
+ if ( strlen($password) < 5 ) {
+ $_SESSION['systemMsg'] = "The password must contain at least 5 characters.";
+ header("Location: {$config->_previousUri}");
+ exit;
+ }
+ if ( ! isset($_POST['password2']) || (trim($_POST['password']) != trim($_POST['password2'])) ) {
+ $_SESSION['systemMsg'] = "Your passwords do not match.";
+ header("Location: {$config->_previousUri}");
+ exit;
+ }
+ }
+
+ # make sure birthday is set and is valid
+ if ( isset($_POST['birthday']) && ("" == trim($_POST['birthday'])) ) {
+ $_SESSION['systemMsg'] = "You must specify a birthday (even if it's not real).";
+ header("Location: {$config->_previousUri}");
+ exit;
+ } else {
+ $birthday = strtotime($_POST['birthday']);
+ if ( ! $birthday ) {
+ $_SESSION['systemMsg'] = "Your birthday doesn't appear to be an actual date.";
+ header("Location: {$config->_previousUri}");
+ exit;
+ }
+ }
+
+ # make sure the user doesn't already exist in the database
+ $sql = sprintf ("
+ SELECT * FROM users
+ WHERE username = '%s'
+ ",
+ trim($_POST['username'])
+ );
+ $db->Select($sql);
+ if ( $db->_rowCount > 0 ) {
+ $_SESSION['systemMsg'] = "The login name you selected is already in use. Please select another.";
+ header("Location: {$config->_previousUri}");
+ exit;
+ }
+
+ # validation must have passed so let's edit the user.
+ # the local variables were assigned during validation
+
+ # if password is empty then the user didn't opt to change
+ # their password
+ if ( empty($password) ) {
+ $sql = sprintf ("
+ UPDATE users SET
+ username = '%s',
+ birthday = '%s',
+ gender = '%s'
+ WHERE id = '%s'
+ ",
+ $username,
+ $birthday,
+ $_POST['gender'],
+ $_SESSION['user']['id']
+ );
+ } else {
+ $sql = sprintf ("
+ UPDATE users SET
+ username = '%s',
+ password = '%s',
+ birthday = '%s',
+ gender = '%s'
+ WHERE id = '%s'
+ ",
+ $username,
+ md5($password),
+ $birthday,
+ $_POST['gender'],
+ $_SESSION['user']['id']
+ );
+ }
+ $db->Modify($sql);
+ if ( $db->_affectedRows == 1 ) {
+ # dump the users new info into the session
+ $_SESSION['user']['username'] = $username;
+ $_SESSION['user']['birthday'] = $birthday;
+ $_SESSION['user']['gender'] = $_POST['gender'];
+ $_SESSION['systemMsg'] = "Your profile was successfully updated.";
+ } else {
+ $_SESSION['systemMsg'] = "There was an error while updating the profile.";
+ }
+ header("Location: {$config->_previousUri}");
+ exit;
+}
+
+# a list of genders from which to populate the gender dropdown
+$smarty->assign("genders", array("Female", "Male"));
+
+# convert the user's birthday timestamp to human readable date
+$smarty->assign("birthday", date("Y-m-d", $_SESSION['user']['birthday']));
+
+# grab the various parts. these sections are not printed to the screen
+# but rather dumped into smarty variables that will simply be printed
+# in the template, so the order doesn't matter here at the moment
+include("header.php");
+include("sidebar_left.php");
+include("sidebar_right.php");
+include("footer.php");
+
+$smarty->display("edit_account.tpl");
+
-- cgit v1.2.3
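Review bot: All three SQL statements in this hunk are built with `sprintf` from request data and no escaping is visible: `trim($_POST['username'])` in the duplicate-name `SELECT`, and `$username` and `$_POST['gender']` in both `UPDATE` branches, so a quote character in either field alters the query. The `$db` wrapper is not shown on this page; if it supports bound parameters use them, otherwise escape each value with the database driver's escaping function before formatting, and accept `gender` only when `in_array($_POST['gender'], array("Female", "Male"), true)` holds, since it currently reaches the query and the session unvalidated. The new password is stored as `md5($password)`, an unsalted fast hash; `password_hash($password, PASSWORD_DEFAULT)` with `password_verify()` at login is the replacement. The duplicate-name `SELECT` has no `AND id != ...` clause for the current user, so saving the form without changing the login name looks like it would be rejected as already in use. The opening of the enclosing `if` block and the first lines of the file are not visible in the hunk as shown here.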