Project

General

Profile

« Previous | Next » 

Revision 1509

Added by Luisehahne about 14 years ago

continue fixing frontend account

View differences:

email.php
19 19 
// Must include code to stop this file being access directly
20 20 
if(defined('WB_PATH') == false) { die("Cannot access this file directly"); }
21 21 

  		




  22
  
  
    
// Get the values entered


  		




  23
  
  
    
$current_password = $wb->get_post('current_password');


  		




  24
  
  
    
$email = $wb->get_post('email');


  		




  25
  
  
    

  		




  26
  
  
    
// Create a javascript back link


  		




  27
  
  
    
$js_back = WB_URL.'/account/preferences.php';


  		




  28
  
  
    
/*


  		




  29
  
  
    
if (!$wb->checkFTAN())


  		




  30
  
  
    
{


  		




  31
  
  
    
	$wb->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], $js_back, false);


  		




  32
  
  
    
	exit();


  		




  33
  
  
    
}


  		




  34
  
  
    
*/


  		




  35
  
  
    
// Get existing password


  		




  36
  
  
    
// $database = new database();


  		




  37
  
  
    
$query = "SELECT user_id FROM ".TABLE_PREFIX."users WHERE user_id = '".$wb->get_user_id()."' AND password = '".md5($current_password)."'";


  		




  38
  
  
    
$results = $database->query($query);


  		




  39
  
  
    

  		




  
  22
  
    
// Get entered values


  		




  
  23
  
    
	$password = $wb->get_post('current_password');


  		




  
  24
  
    
	$email = $wb->get_post('email');


  		




  
  25
  
    
// validate password


  		




  
  26
  
    
	$sql  = "SELECT `user_id` FROM `".TABLE_PREFIX."users` ";


  		




  
  27
  
    
	$sql .= "WHERE `user_id` = ".$wb->get_user_id()." AND `password` = '".md5($password)."'";


  		




  
  28
  
    
	$rowset = $database->query($sql);


  		




  40
  29
  
    
// Validate values


  		




  41
  
  
    
if($results->numRows() == 0) {


  		




  42
  
  
    
	$wb->print_error($MESSAGE['PREFERENCES']['CURRENT_PASSWORD_INCORRECT'], $js_back, false);


  		




  43
  
  
    
}


  		




  44
  
  
    
// Validate values


  		




  45
  
  
    
if(!$wb->validate_email($email)) {


  		




  46
  
  
    
	$wb->print_error($MESSAGE['USERS']['INVALID_EMAIL'], $js_back, false);


  		




  47
  
  
    
}


  		




  48
  
  
    

  		




  49
  
  
    
$email = $wb->add_slashes($email);


  		




  50
  
  
    

  		




  
  30
  
    
	if($rowset->numRows() == 0) {


  		




  
  31
  
    
		$error[] = $MESSAGE['PREFERENCES']['CURRENT_PASSWORD_INCORRECT'];


  		




  
  32
  
    
	}else {


  		




  
  33
  
    
		if(!$wb->validate_email($email)) {


  		




  
  34
  
    
			$error[] = $MESSAGE['USERS']['INVALID_EMAIL'];


  		




  
  35
  
    
		}else {


  		




  
  36
  
    
			$email = $wb->add_slashes($email);


  		




  51
  37
  
    
// Update the database


  		




  52
  
  
    
// $database = new database();


  		




  53
  
  
    
$query = "UPDATE ".TABLE_PREFIX."users SET email = '$email' WHERE user_id = '".$wb->get_user_id()."' AND password = '".md5($current_password)."'";


  		




  54
  
  
    
$database->query($query);


  		




  55
  
  
    
if($database->is_error()) {


  		




  56
  
  
    
	$wb->print_error($database->get_error,$js_back, false);


  		




  57
  
  
    
} else {


  		




  58
  
  
    
	$wb->print_success($MESSAGE['PREFERENCES']['EMAIL_UPDATED']);


  		




  59
  
  
    
	$_SESSION['EMAIL'] = $email;


  		




  60
  
  
    
}


  		




  
  38
  
    
			$sql = "UPDATE `".TABLE_PREFIX."users` SET `email` = '".$email."' WHERE `user_id` = ".$wb->get_user_id();


  		




  
  39
  
    
			$database->query($sql);


  		




  
  40
  
    
			if($database->is_error()) {


  		




  
  41
  
    
				$error[] = $database->get_error();


  		




  
  42
  
    
			} else {


  		




  
  43
  
    
				$success[] = $MESSAGE['PREFERENCES']['EMAIL_UPDATED'];


  		




  
  44
  
    
				$_SESSION['EMAIL'] = $email;


  		




  
  45
  
    
			}


  		




  
  46
  
    
		}


  		




  
  47
  
    
	}


  		












Also available in:  Unified diff