Project

General

Profile

1 4 ryan
<?php
2
3 275 stefan
// $Id$
4 4 ryan
5
/*
6
7
 Website Baker Project <http://www.websitebaker.org/>
8 310 ryan
 Copyright (C) 2004-2006, Ryan Djurovich
9 4 ryan
10
 Website Baker is free software; you can redistribute it and/or modify
11
 it under the terms of the GNU General Public License as published by
12
 the Free Software Foundation; either version 2 of the License, or
13
 (at your option) any later version.
14
15
 Website Baker is distributed in the hope that it will be useful,
16
 but WITHOUT ANY WARRANTY; without even the implied warranty of
17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
 GNU General Public License for more details.
19
20
 You should have received a copy of the GNU General Public License
21
 along with Website Baker; if not, write to the Free Software
22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23
24
*/
25
26
if(!defined('WB_URL')) {
27
	header('Location: ../index.php');
28 286 stefan
	exit(0);
29 4 ryan
}
30
31
// Get the values entered
32 275 stefan
$current_password = $wb->get_post('current_password');
33
$email = $wb->get_post('email');
34 4 ryan
35
// Create a javascript back link
36
$js_back = "javascript: history.go(-1);";
37
38
// Get existing password
39
$database = new database();
40 275 stefan
$query = "SELECT user_id FROM ".TABLE_PREFIX."users WHERE user_id = '".$wb->get_user_id()."' AND password = '".md5($current_password)."'";
41 4 ryan
$results = $database->query($query);
42
43
// Validate values
44
if($results->numRows() == 0) {
45 275 stefan
	$wb->print_error($MESSAGE['PREFERENCES']['OLD_PASSWORD_INCORRECT'], $js_back, false);
46 4 ryan
}
47
// Validate values
48 275 stefan
if(!$wb->validate_email($email)) {
49
	$wb->print_error($MESSAGE['USERS']['INVALID_EMAIL'], $js_back, false);
50 4 ryan
}
51
52 353 ryan
$email = $wb->add_slashes($email);
53
54 4 ryan
// Update the database
55
$database = new database();
56 275 stefan
$query = "UPDATE ".TABLE_PREFIX."users SET email = '$email' WHERE user_id = '".$wb->get_user_id()."' AND password = '".md5($current_password)."'";
57 4 ryan
$database->query($query);
58
if($database->is_error()) {
59 275 stefan
	$wb->print_error($database->get_error,'index.php', false);
60 4 ryan
} else {
61 275 stefan
	$wb->print_success($MESSAGE['PREFERENCES']['EMAIL_UPDATED'], WB_URL.'/account/preferences'.PAGE_EXTENSION);
62 4 ryan
	$_SESSION['EMAIL'] = $email;
63
}
64
65
?>