userinfo['userid']) { $message->error_permission(); } $userinfo = $bugsys->userinfo; // ################################################################### if (empty($_REQUEST['do'])) { $_REQUEST['do'] = 'modify'; } // ################################################################### if ($_POST['do'] == 'update') { // ------------------------------------------------------------------- // display name validation $count = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE displayname = '" . $bugsys->in['displayname'] . "' AND userid <> " . $bugsys->userinfo['userid']); if ($count) { $message->phrase[] = $lang->string('That display name is already in use by another user'); } // ------------------------------------------------------------------- // authentication if (!empty($bugsys->in['password']) OR !empty($bugsys->in['email'])) { if (empty($bugsys->in['validate'])) { $message->phrase[] = $lang->string('You need to enter your current password to change your email or password'); } else { if (md5(md5($bugsys->in['validate']) . md5($bugsys->userinfo['salt'])) != $bugsys->userinfo['password']) { $message->phrase[] = $lang->string('Your authentication password does not match the one in our records'); } } } // ------------------------------------------------------------------- // email validation if (!empty($bugsys->in['email'])) { if (!empty($bugsys->in['email']) AND empty($bugsys->in['email_confirm'])) { $message->phrase[] = $lang->string('You need to enter both the email and confirm email fields to change your address'); } if ($bugsys->in['email'] != $bugsys->in['email_confirm']) { $message->phrase[] = $lang->string('Your email and confirm email addresses do not match'); } if ($bugsys->in['email']) { $count = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . $bugsys->in['email'] . "' AND userid <> " . $bugsys->userinfo['userid']); if ($count) { $message->phrase[] = $lang->string('That email address is already in use'); } } $email = true; } // ------------------------------------------------------------------- // password validation if (!empty($bugsys->in['password'])) { if (!empty($bugsys->in['password']) AND empty($bugsys->in['password_confirm'])) { $message->phrase[] = $lang->string('You need to enter both the password and confirm password fields to change your password'); } else { if ($bugsys->in['password'] != $bugsys->in['password_confirm']) { $message->phrase[] = $lang->string('Your password and confirm password do not match'); } } $password = true; } // ------------------------------------------------------------------- // copy fields $userinfo['displayname'] = $bugsys->in['displayname']; $userinfo['showemail'] = $bugsys->in['showemail']; $userinfo['showcolours'] = $bugsys->in['showcolours']; $userinfo['languageid'] = $bugsys->in['languageid']; $userinfo['timezone'] = $bugsys->in['timezone']; $email = $bugsys->in['email']; $email_confirm = $bugsys->in['email_confirm']; // ------------------------------------------------------------------- // error handling if ($message->phrase) { $message->error_list_process(); $show['errors'] = true; $_REQUEST['do'] = 'modify'; } else { $db->query(" UPDATE " . TABLE_PREFIX . "user SET displayname = '" . $bugsys->in['displayname'] . "', showemail = " . intval($bugsys->in['showemail']) . ", showcolours = " . intval($bugsys->in['showcolours']) . ", languageid = " . intval($bugsys->in['languageid']) . ", timezone = " . intval($bugsys->in['timezone']) . ($email ? " email = '" . $bugsys->in['email'] . "'" : '') . ($password ? " password = '" . md5(md5($bugsys->in['password']) . md5($bugsys->userinfo['salt'])) . "'" : '') . " WHERE userid = " . $bugsys->userinfo['userid'] ); $message->redirect($lang->string('The changes to your account have been made.'), 'userctrl.php'); } } // ################################################################### if ($_REQUEST['do'] == 'modify') { $langselect = construct_datastore_select('language', 'title', 'languageid', $userinfo['languageid']); foreach ($datef->fetch_timezone_list() AS $value => $label) { $selected = ($value == $userinfo['timezone']); eval('$tzselect .= "' . $template->fetch('selectoption') . '";'); } eval('$template->flush("' . $template->fetch('userctrl') . '");'); } /*=====================================================================*\ || ################################################################### || # $HeadURL$ || # $Id$ || ################################################################### \*=====================================================================*/ ?>