Location: PHPKode > projects > Online Resource Management system > storms/user/user_edit_info.php
<?php
/*******************************************
 *   Staff Edit Account Info
 *   maintained by: Wing Sin
 *   Create Date: 21 Feb 2001
 *   Last Update: 7 Mar 2001
 *   Input: user data
 *   Output: Nil
 *   Purpose: Used to Edit User Account
 ******************************************/

include("../includes/session_mysql.inc");
include("../includes/global-vars.inc");

session_start();
session_register("user_class");
session_register("username");
session_register("name");
session_register("lang");

include("$lang.inc");

?>
<html>
<head>
<title><?php print $msg_edit_info_title; ?></title>
<?php print $doc_encoding; ?>
<link rel="stylesheet" href="../style_<?php print $lang; ?>.css" type="text/css">
</head>
<SCRIPT LANGUAGE="JavaScript">
function isValidText(the_text, msg){
	if (the_text=="") {
		alert(msg);
		return false;
	}
	else
		return true;
}

function isValidPassword(password_1, password_2) {
	if (password_1 != password_2) {
		alert("<?php print $msg_user_err_password; ?>");
		return false;
	} else {
		return true;
	}
}

function emailCheck (emailStr) {
	var emailPat=/^(.+)@(.+)$/
	var specialChars="\\(\\)<>@,;:\\\\\\\"\\.\\[\\]"
	var validChars="\[^\\s" + specialChars + "\]"
	var quotedUser="(\"[^\"]*\")"
	var ipDomainPat=/^\[(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\]$/
	var atom=validChars + '+'
	var word="(" + atom + "|" + quotedUser + ")"
	var userPat=new RegExp("^" + word + "(\\." + word + ")*$")
	var domainPat=new RegExp("^" + atom + "(\\." + atom +")*$")
	var matchArray=emailStr.match(emailPat)
	if (matchArray==null) {
		alert("<?php print $msg_user_err_email; ?>")
		return false
	}
	var user=matchArray[1]
	var domain=matchArray[2]
	
	if (user.match(userPat)==null) {
	    alert("<?php print $msg_user_err_username; ?>")
	    return false
	}
	
	var IPArray=domain.match(ipDomainPat)
	if (IPArray!=null) {
		  for (var i=1;i<=4;i++) {
		    if (IPArray[i]>255) {
		        alert("<?php print $msg_user_err_ip; ?>")
			return false
		    }
	    }
	    return true
	}
	
	var domainArray=domain.match(domainPat)
	if (domainArray==null) {
		alert("<?php print $msg_user_err_domain; ?>")
	    return false
	}
	
	var atomPat=new RegExp(atom,"g")
	var domArr=domain.match(atomPat)
	var len=domArr.length
	if (domArr[domArr.length-1].length<2 || 
	    domArr[domArr.length-1].length>3) {
	   alert("<?php print $msg_user_err_address; ?>")
	   return false
	}
	
	if (len<2) {
	   var errStr="<?php print $msg_user_err_host; ?>"
	   alert(errStr)
	   return false
	}
	
return true;
}

function frmChk(me){	
	if (!isValidText(me.user_name.value, "<?php print $msg_user_err_nousername; ?>") || !isValidPassword(me.in_password.value, me.re_password.value) || !emailCheck(me.user_email.value))
		return false;
	else
		return true;
}

</script>

<body bgcolor="#FFFFFF" text="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" bottommargin="0" rightmargin="0">
<table width="100%" height="100%" border="0" cellspacing="0" cellpadding="0">
        <tr>
		<td width="160" bgcolor="#FFFFFF" valign="top"> 
<?php include("menu.inc"); ?>			
		</td>
		<td valign="top">
			<table width="80%" border="0" cellspacing="2" cellpadding="0">
			<!--- Beginning of Edit Account Info Code --->
				<tr>
					<td colspan="3">
						<h3 class="heading"><?php print $msg_edit_info_title; ?></h3>
					</td>
				</tr>
				<tr>
					<td colspan="3" height="40">
						<div class="text10point"><?php print $msg_user; ?> <?php print $name; ?></div>
					</td>
				</tr>
<?php
	// To edit the user data
	if (!isset($action)) {
	$query_user = "SELECT * FROM users WHERE user_acct = '$username' ";
	$result_user = mysql_db_query($dbname, $query_user);
	if (!mysql_num_rows($result_user)) {
		on_error(0);
		exit();
	}
	$row = mysql_fetch_array($result_user);
?>
				<form name="form1" method="post" action="user_edit_info.php?action=edit_process" onsubmit="return frmChk(this);">
				<input type="hidden" name="in_userID" value="<?php echo $row["userID"] ?>">
				
				<tr>
					<td height="30" nowrap class="text10point" width="35%"><div align="right"><?php print $msg_user_acct; ?></div></td>
					<td class="textfield" width="65%" colspan="2"><?php if (!isset($to_reset)) echo $row["user_acct"]; ?> </td>
				</tr>
				<tr>
					<td height="35" nowrap class="text10point" width="35%"><div align="right"><?php print $msg_user_name; ?></div></td>
					<td class="textfield" width="65%" colspan="2"><input type="text" name="user_name" class="textfield" size="30" maxlength="30" value="<?php if (!isset($to_reset)) echo $row["user_name"] ?>"></td>
				</tr>
				<tr>
					<td height="35" nowrap class="text10point" width="35%"><div align="right"><?php print $msg_user_password; ?></div></td>
					<td class="textfield" width="65%" colspan="2"><input type="password" name="in_password" class="textfield" size="20"></td>
				</tr>
				<tr>
					<td height="35" nowrap class="text10point" width="35%"><div align="right"><?php print $msg_user_re_password; ?></div></td>
					<td class="textfield" width="65%" colspan="2"><input type="password" name="re_password" class="textfield" size="20"></td>
				</tr>
				<tr>
					<td height="35" nowrap class="text10point" width="35%"><div align="right"><?php print $msg_user_mail; ?></div></td>
					<td class="textfield" width="65%" colspan="2"><input type="text" name="user_email" class="textfield" size="30" maxlength="30" value="<?php if (!isset($to_reset)) echo $row["user_email"] ?>"></td>
				</tr>
				<tr>
					<td height="50" nowrap class="text10point" colspan="3" align="center" valign="bottom">
						<input type="image" name="submit" src="../image/update.png" border="0">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
						<a href="<?php print $HTTP_REFERER; ?>"><img src="../image/cancel.png" alt="<?php print $msg_cancel; ?>" border="0"></a>
					</td>
				</tr>
				</form>
			</table>
<?php
	mysql_free_result($result_user);
	
// To update the user data
	} elseif ($action=="edit_process") {
	// To check the Login ID exist or not
	$query_user = "SELECT userID FROM users WHERE user_acct = '$loginID' AND userID <> '$in_userID'";
	$result_user = mysql_db_query($dbname, $query_user);
	if (mysql_num_rows($result_user) > 0) {
		on_error(11);
		exit();
	}
	mysql_free_result($result_user);
	
	if ($in_password == "") {
		$insertStmt = "UPDATE users SET user_name = '$user_name', user_email = '$user_email' " . 
					"WHERE userID = '$in_userID'";
	} else {
		$temp_pass = md5($in_password);
		// Used to edit the user data
		$insertStmt = "UPDATE users SET user_name = '$user_name', user_email = '$user_email', user_password = '$temp_pass' " . 
					"WHERE userID = '$in_userID'";
	}
	if (!mysql_db_query($dbname, $insertStmt)) {
		on_error(6);
		exit();
	}
?>
				<tr>
					<td colspan="3" height="40"><?php print $msg_edit_info_result; ?></td>
				</tr>
				<tr>
					<td colspan="3" align="center" height="60" valign="bottom">
					<form action="welcome.php">
						<input type="image" name="submit" src="../image/ok.png" border="0">
					</form>
					</td>
				</tr>
			</table>
<?php
	}
?>
		<!--- End of Edit Account Info Code --->
		</td>		
	</tr>
</table>
</body>
</html>
Return current item: Online Resource Management system