<?php
# Copyright 2004 Todd Palino
#
# This file is part of phpMyRecipes.
#
# phpMyRecipes is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# phpMyRecipes is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details.
#
# You should have received a copy of the GNU General Public License along with
# phpMyRecipes; if not, write to the Free Software Foundation, Inc., 59 Temple
# Place, Suite 330, Boston, MA 02111-1307 USA
require("include.php");
# Open the persistent database connection and select the application database.
# dberror() is called with this script's name when either step fails.
$dbconn = mysql_pconnect(DB_HOST, DB_USER, DB_PASS);
if (!$dbconn) {
    dberror("profile.php", "Cannot connect to database");
}
$dbselected = mysql_select_db(DB_DB, $dbconn);
if (!$dbselected) {
    dberror("profile.php", "Cannot select database");
}

# The profile page is only for signed-in users: without a session the visitor
# is redirected to the index page and the script stops.
$session = getsession();
if (!$session) {
    $target = URL_PREFIX . slink("index.php");
    header("Location: " . $target);
    exit();
}
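if (empty($_POST)) {
    # Nothing was posted: load the signed-in user's current values and show the form.
    # The id is cast to an integer before it is concatenated into the SQL text, so the
    # statement stays well-formed whatever getsession() (defined outside this file)
    # put in the session record.
    $userid = (int) $session['userid'];
    $result = mysql_query("SELECT username,name,email FROM users WHERE id=" . $userid);
    if (!$result) {
        dberror("profile.php", "Cannot retrieve user from database");
    } else {
        if (mysql_num_rows($result) == 0) {
            # This code is never reached in normal operation, so get the user out of here
            header("Location: " . URL_PREFIX . slink("index.php"));
            exit();
        }
        $row = mysql_fetch_array($result);
        # Paint the page; paintform() ends the request with exit().
        # $row holds username, name, email in SELECT order.
        paintform("", $userid, $row[0], $row[1], $row[2]);
    }
}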
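# Form submitted, so process it.
#
# Read each expected field defensively: a missing key or a non-string value
# (for example an array sent as "username[]=") is treated as an empty string.
$posted = array();
foreach (array('username', 'name', 'email', 'password1', 'password2') as $field) {
    $posted[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : "";
}
$username = $posted['username'];
$name = $posted['name'];
$email = $posted['email'];
$password1 = $posted['password1'];
$password2 = $posted['password2'];

# The row to update is always the session's own user, never an id from the request.
# Cast to int because the value is concatenated into SQL below.
$userid = (int) $session['userid'];

# Each failed check repaints the form with the submitted values; paintform()
# ends the request with exit(), so nothing below runs after a failure.
if (! validate_username_notid($username, $userid)) {
    paintform("That username is invalid, or in use.", $userid, $username, $name, $email);
}

# Empty unless a new password was supplied, so the UPDATE below leaves the
# stored password untouched in that case.
$query_pass = "";
if (!empty($password1) || !empty($password2)) {
    if (! validate_password($password1, $password2)) {
        paintform("Enter a password and verify it to change the password, or leave the password fields blank.", $userid, $username, $name, $email);
    }
    # NOTE(review): bnic_crypt() is defined outside this file; the strength of the
    # stored password hash depends on it and cannot be judged from here.
    # NOTE(review): the password and email are changed on the strength of the session
    # alone; the form in this file has no current-password field (unless
    # insSessionField() adds one) - consider requiring re-authentication.
    $crpass = bnic_crypt($password1);
    $query_pass = "password=\"" . mysql_real_escape_string($crpass, $dbconn) . "\",";
}
if (! validate_email($email)) {
    paintform("A valid email address is required.", $userid, $username, $name, $email);
}
if (! validate_str($name)) {
    paintform("A valid name is required.", $userid, $username, $name, $email);
}

# The validate_* helpers live outside this file, so they are not relied on for SQL
# safety: every request value is escaped for the connection before it is placed
# inside a quoted SQL literal.
# NOTE(review): if magic_quotes_gpc is enabled on the deployment, input arrives
# already slashed and would be escaped twice - confirm it is off.
$sql_username = mysql_real_escape_string($username, $dbconn);
$sql_name = mysql_real_escape_string($name, $dbconn);
$sql_email = mysql_real_escape_string($email, $dbconn);

if (mysql_query("UPDATE users SET username=\"$sql_username\", $query_pass name=\"$sql_name\", email=\"$sql_email\" " .
    "WHERE id=" . $userid)) {
    # Keep the username stored with the user's session rows in step with the users table.
    if (mysql_query("UPDATE sessions SET username=\"$sql_username\" WHERE userid=" . $userid)) {
        c_header("Update Profile User", "users");
?>
<P CLASS="content">Your profile has been updated.</P>
<P CLASS="content"><A HREF="<?php print slink("index.php"); ?>">Back Home</A></P>
<?php
        c_footer();
    } else {
        dberror("profile.php", "Cannot update session record");
    }
} else {
    dberror("profile.php", "Cannot update user record");
}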
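# Render the profile edit form and end the request.
#
# $errtext  message shown in red above the form; "" shows nothing. It is printed
#           as-is, so callers must pass fixed text only, never request data.
# $id       accepted from callers but not used anywhere in the form.
# $username, $name, $email
#           values used to pre-fill the inputs. They come from the request or
#           from the database, so they are HTML-escaped (quotes included) before
#           being written into the VALUE attributes.
#
# Does not return: calls exit(0) after printing the footer.
function paintform($errtext, $id, $username, $name, $email) {
    c_header("Edit User", "users");
    if ($errtext != "") {
        print "<P CLASS=content><FONT SIZE=+1 COLOR=red>$errtext</FONT></P>\n";
    }
?>
<FORM ACTION="profile.php" METHOD="POST">
<?php insSessionField(); ?>
<TABLE WIDTH="100%" BORDER=0>
<TR>
<TD ALIGN=LEFT VALIGN=MIDDLE><P CLASS="content"><B>Username:</B></P></TD>
<TD ALIGN=LEFT VALIGN=MIDDLE><INPUT TYPE=text NAME="username" VALUE="<?php print htmlspecialchars($username, ENT_QUOTES); ?>" SIZE=17 MAXLENGTH=16></TD>
</TR>
<TR>
<TD ALIGN=LEFT VALIGN=MIDDLE><P CLASS="content"><B>Real Name:</B></P></TD>
<TD ALIGN=LEFT VALIGN=MIDDLE><INPUT TYPE=text NAME="name" VALUE="<?php print htmlspecialchars($name, ENT_QUOTES); ?>" SIZE=40 MAXLENGTH=80></TD>
</TR>
<TR>
<TD ALIGN=LEFT VALIGN=MIDDLE><P CLASS="content"><B>Email Address:</B></P></TD>
<TD ALIGN=LEFT VALIGN=MIDDLE><INPUT TYPE=text NAME="email" VALUE="<?php print htmlspecialchars($email, ENT_QUOTES); ?>" SIZE=40 MAXLENGTH=80></TD>
</TR>
<TR><TD COLSPAN=2><HR></TD></TR>
<TR>
<TD ALIGN=LEFT VALIGN=MIDDLE><P CLASS="content"><B>Password:</B></P></TD>
<TD ALIGN=LEFT VALIGN=MIDDLE><INPUT TYPE=password NAME="password1" VALUE="" SIZE=17 MAXLENGTH=16></TD>
</TR>
<TR>
<TD ALIGN=LEFT VALIGN=MIDDLE><P CLASS="content"><B>Reenter Password:</B></P></TD>
<TD ALIGN=LEFT VALIGN=MIDDLE><INPUT TYPE=password NAME="password2" VALUE="" SIZE=17 MAXLENGTH=16></TD>
</TR>
</TABLE>
<INPUT TYPE=SUBMIT VALUE="Update Profile">
<INPUT TYPE=reset VALUE="Reset Form">
</FORM>
<?php
    c_footer();
    # Stop here so the caller's remaining form-processing code does not run.
    exit(0);
}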
?>