<?php

  /* Members Admin Area (C) American Financing 2004-2005 */

  require '../mysqlvars.php';
  require '../lib/db.php';
  require '../lib/form_functions.php';

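  /*
   * Admin password reset: request handling.
   *
   * Reads the target admin `username` from GET or POST, then either
   *   - (POST with `update_pass`) validates the two password fields and
   *     updates wsd_admin.password, or
   *   - (otherwise) checks that the admin record exists so the form is shown.
   *
   * Sets for the template that follows: $found (show the form), and
   * optionally $error / $confirm (status message).
   */

  // NOTE(review): the 'ADMIN' argument looks intended as a session name, but
  // session_start() does not take one (that is session_name()). Left as-is;
  // confirm what the other admin pages expect before changing it.
  session_start('ADMIN');

  // Presumably enforces the admin login check - not visible here, confirm.
  // NOTE(review): no anti-CSRF token is verified in this file. Unless
  // includes/secure_page.php does so, the password-reset POST below should
  // carry and verify a per-session token.
  require 'includes/secure_page.php';

  $dbConn = connectDB($dbHost, $dbUser, $dbPass, $dbDB);
  if (!$dbConn) {
	die ('Cannot connect to database');
  }

  // The target account is request-controlled; GET takes precedence over POST.
  if (!isset($_GET['username']) && !isset($_POST['username'])) {
	die ('Illegal navigation');
  }
  else {
	$username = isset($_GET['username']) ? stripData($_GET['username']) : stripData($_POST['username']);
  }
  

  unset($error);
  unset($confirm);
  $found = false;

  if (isset($_POST['update_pass'])) {
	// Keep the form visible unless the update succeeds.
	$found = true;
	if (empty($_POST['password']) || empty($_POST['password2'])) {
	  $error = 'You must complete both password fields';
	}
	// Strict comparison: with != two different numeric-looking strings
	// (e.g. "0e1" and "0e2") compare equal and a mistyped confirmation
	// would be accepted.
	elseif ($_POST['password'] !== $_POST['password2']) {
	  $error = 'Passwords do not match';
	}
	if (!isset($error)) {
	  // NOTE(review): unsalted MD5 is not a password hash (fast to brute-force).
	  // Moving to password_hash()/password_verify() has to be done together
	  // with the login check, which is not in this file, so it is only
	  // flagged here.
	  // NOTE(review): prepareData() is defined in an include that is not
	  // visible; this query is only safe if it escapes the value for use
	  // inside a quoted SQL string - verify.
	  $query = 'UPDATE wsd_admin SET ';
	  $query .= "password = MD5('" . prepareData($_POST['password']) . "')";
	  $query .= " WHERE ";
	  // Escape with the connection-aware function of this extension;
	  // addslashes() ignores the connection character set.
	  $query .= "username = '" . mysql_real_escape_string($username, $dbConn) . "'";
	  if (mysql_query($query,$dbConn)) { ?>
		<SCRIPT LANGUAGE="JavaScript">
		<!--
		   if (window.opener) {
			 if (!window.opener.closed) { 
			   window.opener.location.reload(1); 
			   window.close();
			 }
		   }
					     
		//-->
		</SCRIPT>
		<?php $confirm = 'Record updated';
		$found = false;
	  }
	  else {
		// NOTE(review): driver error text is shown to the admin; it can echo
		// parts of the query, so it must be HTML-escaped wherever it is printed.
		$error = mysql_error($dbConn);
	  }
	  
	}
	
  }
  else {
	// Initial view: only show the form when the admin record exists.
	$query = "SELECT username FROM wsd_admin WHERE ";
	$query .= "username = '" . mysql_real_escape_string($username, $dbConn) . "'";
	$result = mysql_query($query, $dbConn);
	if ($result) {
	  if ($frow = mysql_fetch_array($result)) {
		$found = true;
		
	  }
	  else {
		$error = 'Record not found';
	  }
	}
	else {
	  // See the note on the update branch: escape this text on output.
	  $error = mysql_error($dbConn);
	}
	
  }
  
  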
?>
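<?php
  /*
   * Admin password reset: page template.
   *
   * Renders the optional $confirm / $error message and, when $found is
   * true, the password-reset form for $username.
   *
   * Every dynamic value is passed through htmlspecialchars() before it is
   * written into the page: $username comes from the request, $error can
   * hold database driver text, and PHP_SELF reflects the request path.
   */
?>
<html>
<head>
<title>Update Admin</title>
<META HTTP-EQUIV="PRAGMA" CONTENT="NOCACHE">
<link rel="stylesheet" href="styles/fgp.css" type="text/css">
</head>
<body>
  <table class="bg">
	<tr>
	  <td>
		<table class="fg">
		  <tr>
			<td class="title">Update Admin</td>
		  </tr>
		</table>
	  </td>
	</tr>
	
	<tr>
	  <td>
	  <table class="nb">
		  <?php /* The row is now closed with </tr>; the original emitted a second <tr>. */ ?>
		  <?php if (isset($confirm)) { echo '<tr><td class="bold">' . htmlspecialchars($confirm, ENT_QUOTES) . '</td></tr>'; } ?>

		  <?php if (isset($error)) { echo '<tr><td class="error">' . htmlspecialchars($error, ENT_QUOTES) . '</td></tr>'; } ?>

		</table>
	  </td>
	</tr>
	<tr>
	  <td>
		<?php if ($found) { ?>
		  <table class="fg">
			<?php /* PHP_SELF includes any extra path info from the URL, so it is escaped before use in the attribute. */ ?>
			<form method="POST" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) ?>">
			<tr><td class="label">&nbsp;</td><td class="field"><input type="hidden" name="username" value="<?php echo htmlspecialchars($username, ENT_QUOTES) ?>"></td></tr>
			<tr>
			  <td class="label">Username:</td>
			  <?php /* Escaped here as well; the original printed the request value raw. */ ?>
			  <td class="field"><?php echo htmlspecialchars($username, ENT_QUOTES) ?></td>
			</tr>           
			<tr>
			  <td class="label">Password:</td>
			  <td class="field">
				<input type="password" name="password" size="16" maxlength="16">
			  </td>
			</tr>
			<tr>
			  <td class="label">Re-enter Password:</td>
			  <td class="field">
				<input type="password" name="password2" size="16" maxlength="16">
			  </td>
			</tr>
			<tr><td class="label">&nbsp;</td><td class="field"><input type="Submit" name="update_pass" value="Reset Pass"></td></tr>
			</form>
		  </table>
		<?php } ?>
	  </td>
	</tr>
  </table>
</body>
</html>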
