Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- //process_editAccount.php
- global $userdetails;
- global $user;
- if($_POST['editMail'] && !$_POST['checkE']) {
- $design->error("Please confirm email changing.");
- }
- elseif ($_POST['editMail'] && $_POST['checkE']) {
- //check if password matches the one in the db
- if(!$_POST['pass'])
- $design->error("Please enter your password in order to change your email address.");
- $hash = md5 ( $userdetails->personal_code . $_POST['pass'] . $userdetails->personal_code );
- if($hash != $userdetails->hash)
- $design->error("Incorrect password.");
- if($_POST['email'] == $userdetails->email)
- $design->error("Please modify your email address in order to change it.");
- $query = "UPDATE users set email = '" . $db->escape($_POST['email']) . "' WHERE id= $userdetails->id";
- $db->execute($query);
- $design->ok("You have successfully changed your email address.", "Edit Account", "/myAccount.html");
- }
- elseif ($_POST['editPass'] && !$_POST['checkP']) {
- $design->error("Please confirm password changing.");
- }
- elseif ($_POST['editPass'] && $_POST['checkP']) {
- if(!$_POST['oldpass'])
- $design->error("You didn't enter your current password.");
- if (isset($_POST['newp1'])) {
- if (!isset($_POST['newp2']))
- $design->error("Please confirm your new password.");
- if ($_POST['newp1'] != $_POST['newp2'])
- $design->error("Your new password was not confirmed. Please re-enter it.");
- $newPrivateCode = $user->generate_private_code();
- $newHash = $user->generate_has($_POST['newp1'], $newPrivateCode);
- $query = $db->update("users", array("hash" => "'" . $newHash . "'", "personale_code" => "'" . $newPrivateCode . "'"), array("id" => $userdetails->id));
- $db->execure($query);
- $design->ok("Your password has been changed.", "Edit Account", "/myAccount.html");
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
