WB 2.08.x

<?php

/**

 *

 * @category        frontend

 * @package         account

 * @author          WebsiteBaker Project

 * @copyright       2004-2009, Ryan Djurovich

 * @copyright       2009-2011, Website Baker Org. e.V.

 * @link			http://www.websitebaker2.org/

 * @license         http://www.gnu.org/licenses/gpl.html

 * @platform        WebsiteBaker 2.8.x

 * @requirements    PHP 5.2.2 and higher

 * @version         $Id$

 * @filesource		$HeadURL$

 * @lastmodified    $Date$

 *

 */

// Must include code to stop this file being accessed directly

if(defined('WB_PATH') == false)

{

	// Stop this file being access directly

		die('<h2 style="color:red;margin:3em auto;text-align:center;">Cannot access this file directly</h2>');

}

/* -------------------------------------------------------- */

	$password = $wb->get_post('current_password');

	$email = $wb->get_post('email');

// validate password

	$sql  = "SELECT `user_id` FROM `".TABLE_PREFIX."users` ";

	$sql .= "WHERE `user_id` = ".$wb->get_user_id()." AND `password` = '".md5($password)."'";

	$rowset = $database->query($sql);

		$error[] = $MESSAGE['PREFERENCES']['CURRENT_PASSWORD_INCORRECT'];

	}else {

		if(!$wb->validate_email($email)) {

			$error[] = $MESSAGE['USERS']['INVALID_EMAIL'];

		}else {

			$email = $wb->add_slashes($email);

			$database->query($sql);

			if($database->is_error()) {

				$error[] = $database->get_error();

			} else {

				$success[] = $MESSAGE['PREFERENCES']['EMAIL_UPDATED'];

				$_SESSION['EMAIL'] = $email;

			}

		}

	}