<?php

/************************************
 * Cadence
 * Remotely Hosted Guestbook Script.
 * (c) 2006, Dennis Pedrie
 * www.CadenceBook.com
 * options.php
 ***********************************
 * Cadence Guestbook is licensed under
 * a Creative Commons License.
 * More information is available by visiting
 * http://creativecommons.org/licenses/by/3.0/
 * or the LICENSE file in the Cadence Root Folder
 ***********************************/

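// Refuse to run unless the including script has defined IN_CADENCE; this file
// is meant to be included by the admin front controller, never requested
// directly.
if(!defined('IN_CADENCE')) {
	trigger_error("You may not access this file directly",E_USER_ERROR);
	// E_USER_ERROR only stops the script under PHP's default error handling. A
	// handler installed with set_error_handler() can return and let execution
	// continue into the admin actions below, so stop explicitly.
	exit;
}

// Requested admin action, taken from the query string. isset() avoids the
// undefined-index notice when "do" is absent; a missing or empty value falls
// back to the settings page.
$do = isset($_GET['do']) ? $_GET['do'] : '';

if(!$do) {
	$do = "settings";
}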

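// "settings" action: show the guestbook settings form, or save a submitted one.
// Relies on $gbook, $tpl, $post, $db and $book provided by the including script.
if($do == "settings") {
	// empty() instead of a bare read: no undefined-index notice on a plain GET.
	if(empty($_POST['submit'])) {
		// Build the validation-type <option> list, pre-selecting the current value.
		// NOTE(review): the selection tests $val_type, which is not set anywhere in
		// this file, while the template value below uses $gbook->val_type. Confirm
		// the including script defines $val_type; if it does not, "No Validation"
		// is always the option marked selected.
		$options = ($val_type == 0) ? "<option value=\"0\" selected>No Validation</option>" : "<option value=\"0\">No Validation</option>";
		$options .= ($val_type == 1) ? "<option value=\"1\" selected>Email Validation</option>" : "<option value=\"1\">Email Validation</option>";
		$options .= ($val_type == 2) ? "<option value=\"2\" selected>Admin Validation</option>" : "<option value=\"2\">Admin Validation</option>";
		$options .= ($val_type == 3) ?  "<option value=\"3\" selected>Email and Admin Validation</option>" : "<option value=\"3\">Email and Admin Validation</option>";

		// title, email and about are values an administrator typed into this form
		// earlier. NOTE(review): confirm options.tpl escapes them for HTML.
		$values = array(
			"title"		=>	$gbook->title,
			"email"		=>	$gbook->email,
			"val_type"	=>	$gbook->val_type,
			"flood"		=>	$gbook->flood,
			"about"		=>	$gbook->about,
			"options"	=>	$options);
		
		$tpl->assign("values",$values);
		$tpl->display("system/admin/options.tpl");
	}
	
	else {
		// The request must name this guestbook in both the query string and the
		// form body. isset() rejects a request that omits either field; without
		// it a missing field reads as null, and null == $book holds whenever
		// $book itself is empty.
		// NOTE(review): a guestbook id is not a secret, so this comparison does
		// not protect against cross-site request forgery. A per-session token
		// carried in the form would.
		if(isset($_GET['book'], $_POST['id']) && $_GET['book'] == $book && $_POST['id'] == $book) {
			// Missing fields are passed to clean_var() as '' so the required-field
			// check below rejects them without raising undefined-index notices.
			// NOTE(review): the meaning of clean_var()'s second argument is not
			// visible here; if true relaxes filtering for "about" (for example to
			// allow markup), confirm "about" is escaped wherever it is rendered.
			$values = array(
				"title"		=>	$post->clean_var(isset($_POST['title']) ? $_POST['title'] : ''),
				"email"		=>	$post->clean_var(isset($_POST['email']) ? $_POST['email'] : ''),
				"val_type"	=>	$post->clean_var(isset($_POST['val_type']) ? $_POST['val_type'] : ''),
				"flood"		=>	$post->clean_var(isset($_POST['flood']) ? $_POST['flood'] : ''),
				"about"		=>	$post->clean_var(isset($_POST['about']) ? $_POST['about'] : '',true));
		}
		else {
			// Presumably kill() ends the request; the code below reads $values and
			// relies on that. TODO confirm.
			$gbook->kill("Incorrect Access");
		}
		
		// Every field except "about" is mandatory.
		foreach($values as $key=>$var) {
			if(strlen($var) == 0 && $key != "about") {
				$gbook->kill("All fields except About must be completed.");
			}
		}
		
		// The form only offers validation types 0-3; refuse anything else rather
		// than storing an arbitrary string in gbook_val_type.
		if(!in_array((string) $values['val_type'], array('0', '1', '2', '3'), true)) {
			$gbook->kill("Invalid validation type.");
		}
		
		// SECURITY: every value except the id is concatenated into the statement
		// inside single quotes, so this query is injection-safe only if
		// clean_var() escapes for a SQL string literal, which cannot be confirmed
		// from this file. Prefer bound parameters (or the database layer's own
		// escaping routine) here. "flood" is stored as received.
		// NOTE(review): if flood is meant to be a number, validate it as one.
		// The row id is forced to an integer with intval().
		$db->query("UPDATE ". TABLE_PREFIX ."gbooks SET gbook_title = '". $values['title'] ."',
														gbook_email = '". $values['email'] ."',
														gbook_val_type = '". $values['val_type'] ."',
														gbook_flood = '". $values['flood'] ."',
														gbook_about = '". $values['about'] ."'
														WHERE gbook_id = '". intval($_GET['book']) ."'");
		
		echo "Settings updated.";
	}
}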

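// "profile" action: show the profile form, or save a new display name and,
// when Current Password is filled in, a new password.
// Relies on $gbook, $tpl, $post, $db and $book provided by the including script.
if($do == "profile") {
	// empty() instead of a bare read: no undefined-index notice on a plain GET.
	if(empty($_POST['submit'])) {
		$tpl->assign("name",$gbook->display_name);
		$tpl->display("system/admin/profile.tpl");
	}
	
	else {
		// The request must name this guestbook in both the query string and the
		// form body; isset() rejects a request that omits either field.
		// NOTE(review): a guestbook id is not a secret, so this comparison does
		// not protect against cross-site request forgery. A per-session token
		// carried in the form would, and matters most for a password change.
		if(isset($_GET['book'], $_POST['id']) && $_GET['book'] == $book && $_POST['id'] == $book) {
			// NOTE(review): passwords also pass through clean_var(); whatever it
			// rewrites is applied before hashing, so login must apply the same
			// routine. Confirm against the login code.
			$values = array(
				"name"			=>	$post->clean_var(isset($_POST['name']) ? $_POST['name'] : ''),
				"current_pass"	=>	$post->clean_var(isset($_POST['current_pass']) ? $_POST['current_pass'] : ''),
				"new_pass"		=>	$post->clean_var(isset($_POST['new_pass']) ? $_POST['new_pass'] : ''),
				"confirm_pass"	=>	$post->clean_var(isset($_POST['confirm_pass']) ? $_POST['confirm_pass'] : ''));
		}
		else {
			// Presumably kill() ends the request; the code below reads $values and
			// relies on that. TODO confirm.
			$gbook->kill("Incorrect Access");
		}
		
		if(strlen($values['name']) == 0) {
			$gbook->kill("Display Name may not be left blank.");
		}
		
		// Initialised up front so the SQL builder below never reads an undefined
		// variable when no password change was requested.
		$changepass = false;
		
		if(strlen($values['current_pass']) > 0) {
			// Strict comparison on strings: with ==, two different numeric-looking
			// values such as "1e3" and "1000" compare equal, so a mistyped
			// confirmation could be accepted.
			if((string) $values['new_pass'] !== (string) $values['confirm_pass']) {
				$gbook->kill("The New Password field must be identical to the Confirm Password field.");
			}
			// Two empty fields are "identical"; do not let that blank the password.
			elseif(strlen($values['new_pass']) == 0) {
				$gbook->kill("New Password may not be left blank.");
			}
			// Current Password was previously only tested for being non-empty.
			// Verify it against the stored value, hashed the same way the UPDATE
			// below stores it, before allowing the change.
			elseif(!$db->get_var("SELECT COUNT(*) FROM ". TABLE_PREFIX ."gbooks WHERE gbook_id = '". intval($_GET['book']) ."' AND gbook_pass = password('". $values['current_pass'] ."')")) {
				$gbook->kill("The Current Password is incorrect.");
			}
			else {
				$changepass = true;
			}
		}
		
		// SECURITY: name and password are concatenated into the statement inside
		// single quotes, so these queries are injection-safe only if clean_var()
		// escapes for a SQL string literal, which cannot be confirmed from this
		// file. Prefer bound parameters here.
		// SECURITY: MySQL's PASSWORD() is intended for MySQL's own account
		// table, is a fast unsalted hash, and was removed in MySQL 8.0. Moving
		// to password_hash()/password_verify() needs a matching change wherever
		// the guestbook password is checked at login, which is outside this file.
		$sql = "UPDATE ". TABLE_PREFIX ."gbooks SET gbook_display_name = '". $values['name'] ."'";
		$sql .= ($changepass) ? ", gbook_pass = password('". $values['new_pass'] ."')" : '';
		$sql .= " WHERE gbook_id = '". intval($_GET['book']) ."'";
		
		// Update Record
		$db->query($sql);
		
		// Get new Password Hash
		// NOTE(review): $hash is not used again in this file; presumably the
		// including script consumes it. If nothing does, drop the query rather
		// than keeping the stored hash in a variable.
		$hash = $db->get_var("SELECT gbook_pass FROM ". TABLE_PREFIX ."gbooks WHERE gbook_id = '". intval($_GET['book']) ."'");
		
		// NOTE(review): no exit follows the redirect, so whatever the including
		// script does after this file still runs.
		header("location:index.php?book=". intval($_GET['book']));
	}
}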

?>