| 1 |
<?php |
|---|
| 2 |
|
|---|
| 3 |
|
|---|
| 4 |
|
|---|
| 5 |
if (logged_on && isset($_REQUEST['action'])) { |
|---|
| 6 |
|
|---|
| 7 |
switch($_REQUEST['action']) { |
|---|
| 8 |
|
|---|
| 9 |
|
|---|
| 10 |
case "userdetails:update": |
|---|
| 11 |
if (isset($_REQUEST['name']) && isset($_REQUEST['email'])) { |
|---|
| 12 |
$userdetails_ok = "yes"; |
|---|
| 13 |
$name = addslashes($_REQUEST['name']); |
|---|
| 14 |
if (strlen($name) > 64) { |
|---|
| 15 |
$messages[] = "Your suggested name was too long. Please try something shorter."; |
|---|
| 16 |
$userdetails_ok = "no"; |
|---|
| 17 |
} |
|---|
| 18 |
$email = $_REQUEST['email']; |
|---|
| 19 |
if (!@preg_match("/^[a-zA-Z][\w\.-]*[a-zA-Z0-9]@[a-zA-Z0-9][\w\.-]*[a-zA-Z0-9]\.[a-zA-Z][a-zA-Z\.]*[a-zA-Z]$/i",$email)) { |
|---|
| 20 |
$messages[] = "Your suggested email address $email doesn't appear to be valid."; |
|---|
| 21 |
$userdetails_ok = "no"; |
|---|
| 22 |
} else { |
|---|
| 23 |
$email = addslashes($email); |
|---|
| 24 |
} |
|---|
| 25 |
|
|---|
| 26 |
if ($userdetails_ok == "yes") { |
|---|
| 27 |
$messages[] = "Your name and email address were updated."; |
|---|
| 28 |
$id = (int) $_SESSION['userid']; |
|---|
| 29 |
db_query("update users set name = '$name', email = '$email' where ident = $id"); |
|---|
| 30 |
$_SESSION['name'] = stripslashes($name); |
|---|
| 31 |
$_SESSION['email'] = stripslashes($email); |
|---|
| 32 |
} else { |
|---|
| 33 |
$messages[] = "Your user details were not changed."; |
|---|
| 34 |
} |
|---|
| 35 |
|
|---|
| 36 |
} |
|---|
| 37 |
|
|---|
| 38 |
if (isset($_REQUEST['password1']) && isset($_REQUEST['password2']) && $_REQUEST['password1'] != "") { |
|---|
| 39 |
$password1 = $_REQUEST['password1']; |
|---|
| 40 |
$password2 = $_REQUEST['password2']; |
|---|
| 41 |
if (($password1 == $password2)) { |
|---|
| 42 |
if (strlen($password1) < 4 || strlen($password1) > 32) { |
|---|
| 43 |
$messages[] = "Password not changed: Your password is either too short or too long. It must be between 4 and 32 characters in length."; |
|---|
| 44 |
} else if (!preg_match("/^[a-zA-Z0-9]*$/i",$password1)) { |
|---|
| 45 |
$messages[] = "Password not changed: Your password can only consist of letters or numbers."; |
|---|
| 46 |
} else { |
|---|
| 47 |
$messages[] = "Your password was updated."; |
|---|
| 48 |
db_query("update users set password = '".md5($password1)."' where ident = " . $_SESSION['userid']); |
|---|
| 49 |
} |
|---|
| 50 |
} else { |
|---|
| 51 |
$messages[] = "Password not changed: The password and its verification string did not match."; |
|---|
| 52 |
} |
|---|
| 53 |
} |
|---|
| 54 |
break; |
|---|
| 55 |
|
|---|
| 56 |
} |
|---|
| 57 |
|
|---|
| 58 |
} |
|---|
| 59 |
?> |
|---|
