Location: PHPKode > projects > Scriptorium > scriptorium1.6/user_management/update_preferences.php
<?php


include('../includes/scriptorium_inc.php');


if ($_SESSION['auth']['isLoggedIn'] != true ||
    $_POST['submit'] == '') {
  header("Location: ../index.php");
  exit();
}

$incoming_name = strip_tags($_POST['name']);
$incoming_username = strip_tags($_POST['username']);
//$incoming_locale = $_POST['locale'];
$incoming_locale = $_SESSION['locale'];
$incoming_password = trim($_POST['password']);
$incoming_email = strip_tags($_POST['email']);


$quoted_name = $db->quoteSmart($incoming_name);
$quoted_username = $db->quoteSmart($incoming_username);
$quoted_email = $db->quoteSmart($incoming_email);


if ($incoming_password == '') {
  $password_clause = '';
 } else {
  $password_clause = ',password=PASSWORD(' . $db->quoteSmart($incoming_password) . ')';
 }

$sql = <<<SQL

UPDATE scriptorium_users 
SET name=$quoted_name,
username=$quoted_username,
  locale='$incoming_locale',
email=$quoted_email
$password_clause
WHERE email='{$_SESSION['auth']['email']}'

SQL;

$result = $db->query($sql);



if ($db->isError($result)) {
  $_SESSION['message'] = "Unable to update your preferences.";
  header('Location: ../preferences.php');
  exit();
} else {
  $_SESSION['auth']['userName'] = stripslashes($incoming_username);
  $_SESSION['auth']['name'] = stripslashes($incoming_name);

  
  $_SESSION['auth']['email'] = stripslashes($incoming_email);
  $_SESSION['locale'] = $incoming_locale;

  header('Location: ../preferences_updated.php');
}  




Return current item: Scriptorium