<?php
session_start();
// This script was developed by Adam M. B. from aWeb Labs
// Visit us at http://www.labs.aweb.com.au
// for forum problems, bugs, or ideas email hide@address.com
// thanks for trying out or using this news script
// connect to database and pull up info
include "config.php";
$user123=$_POST['Username'];
$db = mysql_connect($db_host,$db_user,$db_pass);
mysql_select_db ($db_name) or die ("Cannot connect to database");
//Get the data
$query = "SELECT id, username, password FROM users WHERE username='$user123'";
$result = mysql_query($query);
/* Here we fetch the result as an array */
while($r=mysql_fetch_array($result))
{
/* This bit sets our data from each row as variables, to make it easier to display */
$id=$r["id"];
$_Username=$r["username"];
$_Password=$r["password"];
// If the form was submitted
if ($_POST['Submitted'] == "True") {
// If the username and password match up, then continue...
if ($_POST['Username'] == $_Username && $_POST['Password'] == $_Password) {
// Username and password matched, set them as logged in and set the
// Username to a session variable.
$_SESSION['Logged_In'] = "486689";
$_SESSION['Username'] = $_Username;
}
}
}
// If they are NOT logged in then show the form to login...
if ($_SESSION['Logged_In'] != "486689") {
echo "<META HTTP-EQUIV=\"refresh\" content=\"0; URL=login.php?page=" . $_SERVER['PHP_SELF'] . "\">";
} else {
include "style.php";
include "header.php";
?>
<div align="center">
<div class="subnav-box">
<a href="changep.php">Change Password</a>
|
<a href="editac.php">Edit Information</a>
|
<a href="feedback.php">Feedback</a>
|
<a href="<?=$_SERVER['PHP_SELF'];?>?mode=logout">Logout</a>
</div>
<div class="bluein-box3"><b>Edit Account Details:</b>
<div align="center">
<br>
<?
$a=$_GET['a'];
if ($a == "") {
$query = "SELECT id, username, emailadd, fullname FROM users WHERE username='$_SESSION[Username]'";
$result = mysql_query($query);
/* Here we fetch the result as an array */
while($r=mysql_fetch_array($result))
{
/* This bit sets our data from each row as variables, to make it easier to display */
$id=$r["id"];
$username=$r["username"];
$emailadd=$r["emailadd"];
$fullname=$r["fullname"];
// display it all
?>
<div align="center"><br>
<form method="post" name="edit" action="editac.php?a=edit">
Full Name:<br><input type="text" name="fullname" value="<?=$fullname;?>"><br><br>
E-mail Address:<br><input type="text" name="emailadd" value="<?=$emailadd;?>"><br><br>
<input type="submit" value="Change Details">
</form>
</div>
<?
}
echo "<br>";
} else { }
if ($a =="edit") {
$query = "UPDATE users SET fullname='$_POST[fullname]', emailadd ='$_POST[emailadd]' WHERE username = '$_SESSION[Username]'";
$result = mysql_query($query);
echo "Account ";
$query = "UPDATE news SET author='$_POST[fullname]', eauthor='$_POST[emailadd]'";
$result = mysql_query($query);
echo "Updated";
echo '<meta http-equiv="refresh" content="1;url=accounts.php">';
} else { }
?>
</div></div></div>
<?
include "footer.php";
// If they want to logout then
if ($_GET['mode'] == "logout") {
// Start the session
session_start();
// Put all the session variables into an array
$_SESSION = array();
// and finally remove all the session variables
session_destroy();
// Redirect to show results..
echo "<META HTTP-EQUIV=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "\">";
}
}
mysql_close($db);
?>