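<?php
// control panel: edit one user account.
//
// Flow: the record id comes from the query string; on GET the record is loaded
// into the generic control form, on POST the submitted fields are validated,
// checked for a duplicate e-mail/login, and written back with an UPDATE.
//
// Review notes:
//  - Every user-controlled value placed in SQL goes through AddSlashes(),
//    matching the convention this file already uses for `email` and `login`.
//    A driver-level escape/prepared statement would be preferable if $mysql
//    offers one -- TODO confirm.
//  - $userform->sql() is assumed to escape the field values it emits -- TODO confirm.
//  - Driver error text is logged server-side and never echoed to the client.
//  - No CSRF token is visible here; confirm the surrounding app supplies one.
//  - The hidden `id` is echoed into control/form.tpl; the template is relied
//    on to HTML-escape it -- TODO confirm.
if(!isset($_GET["id"]) || $_GET["id"]=="") {
    exit("Bad request");
}
require_once("const.php");

// Single record id for the whole request, escaped once for SQL use.
$id = $_GET["id"];
$id_sql = AddSlashes($id);

// Optional profile fields, enabled per installation via $USER_PROFILE_FIELDS
// (added by niotech). Insertion order here is the order they render in.
$optional_fields = array(
    "company"   => 'company_name',
    "address1"  => 'address_1',
    "address2"  => 'address_2',
    "city"      => 'city',
    "state"     => 'state',
    "postcode"  => 'postcode',
    "country"   => 'country',
    "telephone" => 'phone_number',
);
foreach ($optional_fields as $field => $lang_key) {
    if($USER_PROFILE_FIELDS[$field]==1) {
        $form["fields"][$field]=array(
            "type"        => "text",
            "description" => $lang[$lang_key],
            "error"       => $lang['enter']." ".$lang[$lang_key],
        );
    }
}

$smarty->assign("action", $lang['edit_user_2']);
$form["submit"]=$lang['edit'];
$form["hidden_fields"]=array("id"=>$id);

// Accounts with level 0 or -1 are only reachable when the current user's level
// is negative. The same clause is applied to the UPDATE below, not just to the
// initial SELECT, so the restriction cannot be bypassed by posting directly.
$level_restrict = ($CurUser->getlevel()>=0) ? " AND (`level`<>0 AND `level`<>-1)" : "";

// Current e-mail of the record; used to decide whether a duplicate check is needed.
$sqlqe="SELECT email FROM `".DB_PREFIX."users` WHERE `id`='".$id_sql."'";
if(!$mysql->query($sqlqe) || $mysql->num<=0) {
    error_log("user edit: lookup failed for id: ".$mysql->error);
    exit("Bad request");
}
$q_email = $mysql->field('email');

$err=0;
if($_SERVER["REQUEST_METHOD"]==$form["method"]) {
    // The posted hidden id must be the record this page was opened for;
    // otherwise the uniqueness checks above would run against a different row
    // than the one being updated.
    if(!isset($_POST["id"]) || $_POST["id"]!==$id) {
        exit("Bad request");
    }
    $old_confirm = isset($_POST["old_confirm"]) ? $_POST["old_confirm"] : "";

    $userform->load($form["fields"], $_POST);
    $form["errorcount"]=$userform->check($form["fields"]);
    if($form["errorcount"]==0) {
        // E-mail must stay unique; only checked when it actually changed.
        if ($q_email != $form["fields"]["email"]["value"]) {
            $SQL1="SELECT COUNT(*) AS `cnt` FROM `".DB_PREFIX."users`";
            $SQL1.=" WHERE `email`='".AddSlashes(trim($form["fields"]["email"]["value"]))."'";
            if(!$mysql->query($SQL1) || $mysql->num<=0) {
                error_log("user edit: email check failed: ".$mysql->error);
                exit("Database error");
            }
            if(intval($mysql->field("cnt"))>0) {
                $err=1;
                $errmsg=$lang['email_exist'];
            }
        }
        // Login must be unique among all other records.
        if ($err!='1') {
            $SQL="SELECT COUNT(*) AS `cnt` FROM `".DB_PREFIX."users`";
            $SQL.=" WHERE `login`='".AddSlashes(trim($form["fields"]["login"]["value"]))."'";
            $SQL.=" AND `id`<>'".$id_sql."'";
            if(!$mysql->query($SQL) || $mysql->num<=0) {
                error_log("user edit: login check failed: ".$mysql->error);
                exit("Database error");
            }
            if(intval($mysql->field("cnt"))>0) {
                $err=1;
                $errmsg=$lang['login_exist'];
            }
        }
        if ($err=='1') {
            $form["errorcount"]=1;
            $form["message"]=$errmsg;
        } else {
            $SQL="UPDATE `".DB_PREFIX."users` SET ".$userform->sql($form["fields"])
                ." WHERE `id`='".$id_sql."'".$level_restrict;
            if(!$mysql->query($SQL)) {
                error_log("user edit: update failed: ".$mysql->error);
                exit("Database error");
            }
            // Notify the user when the account has just been confirmed.
            if($old_confirm=="N" && $form["fields"]["confirm"]["value"]=="Y") {
                $to = $form["fields"]["email"]["value"];
                // Refuse a recipient containing CR/LF so a crafted address
                // cannot inject additional mail headers.
                if (strpbrk($to, "\r\n") === false) {
                    $MAIL=sprintf($APP_USER, $form["fields"]["login"]["value"]);
                    mail($to, $lang['account_accept'], $MAIL, "From:".ADMIN_EMAIL);
                } else {
                    error_log("user edit: refused mail to address with line breaks for id ".$id);
                }
            }
            Header("Location:index.php");
            exit();
        }
    }
    $form["hidden_fields"]["old_confirm"]=$old_confirm;
} else {
    // Initial load: the level restriction hides privileged accounts from
    // non-privileged editors; a missing row is treated as a bad request
    // rather than rendering an empty form.
    $SQL="SELECT * FROM `".DB_PREFIX."users` WHERE `id`='".$id_sql."'".$level_restrict;
    if(!$mysql->query($SQL)) {
        error_log("user edit: load failed: ".$mysql->error);
        exit("Database error");
    }
    if($mysql->num<=0) {
        exit("Bad request");
    }
    $userform->load($form["fields"], $mysql->arr);
    $form["hidden_fields"]["old_confirm"]=$mysql->field("confirm");
}
$smarty->assign("form", $form);
$smarty->display("control/form.tpl");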