Location: PHPKode > projects > PhpBMS > phpbms/modules/base/include/myaccount.php
<?php


class myAccount{

    var $db;
    var $userUUID;

    function myAccount($db, $userUUID){

        $this->db = $db;

        $this->userUUID = $userUUID;

    }//end function init


    function displayRoles(){

	$querystatement = "
		SELECT
			`roles`.`id`,
			`roles`.`name`
		FROM
			`roles` INNER JOIN `rolestousers` ON `rolestousers`.`roleid`=`roles`.`uuid`
		WHERE
			`rolestousers`.`userid` = '".$this->userUUID."'
		";

	$queryresult = $this->db->query($querystatement);

	while($therecord = $this->db->fetchArray($queryresult))
		echo "<li>".$therecord["name"]."</li>";

    }//end function displayRoles


    function changePassword($oldPassword, $newPassword){

        if(DEMO_ENABLED !== "false")
            return "Cannot change password when in demonstration mode.";

        $querystatement = "
            SELECT
                `id`
            FROM
                `users`
            WHERE
                `uuid` = '".$this->userUUID."'
                AND password = ENCODE('".mysql_real_escape_string($oldPassword)."', '".mysql_real_escape_string(ENCRYPTION_SEED)."')";

        $queryresult = $this->db->query($querystatement);

        if($this->db->numRows($queryresult)){

            $updatestatement = "
                UPDATE
                    `users`
                SET
                    `password` = ENCODE('".mysql_real_escape_string($newPassword)."', '".mysql_real_escape_string(ENCRYPTION_SEED)."')
                WHERE
                    `uuid` = '".$this->userUUID."'";

            $this->db->query($updatestatement);

            return "password changed";

        }else
            return "Current password incorrect";

    }//end function changePassword


    function update($variables){

        $updatestatement = "
            UPDATE
                `users`
            SET
                `email` = '".mysql_real_escape_string($variables["email"])."',
                `phone` = '".mysql_real_escape_string($variables["phone"])."'
            WHERE
                `uuid` = '".$this->userUUID."'";

        $this->db->query($updatestatement);

        $_SESSION["userinfo"]["email"] = $variables["email"];
        $_SESSION["userinfo"]["phone"] = $variables["phone"];

        return "Record Updated";

    }//end function update

}//end class

?>
Return current item: PhpBMS