2 /****************************************************************************/
4 /****************************************************************************/
5 /* Copyright (c) 2002-2010 */
6 /* Inclusive Design Institute */
9 /* This program is free software. You can redistribute it and/or */
10 /* modify it under the terms of the GNU General Public License */
11 /* as published by the Free Software Foundation. */
12 /****************************************************************************/
13 // $Id: my_edit.php 10142 2010-08-17 19:17:26Z hwong $
15 define('AT_INCLUDE_PATH', '../../../../include/');
16 require(AT_INCLUDE_PATH.'vitals.inc.php');
19 if (isset($_POST['cancel'])) {
20 $msg->addFeedback('CANCELLED');
21 header('Location: '.AT_BASE_HREF.'admin/index.php');
23 } else if (isset($_POST['submit'])) {
24 $missing_fields = array();
26 /* email validation */
27 if ($_POST['email'] == '') {
28 $missing_fields[] = _AT('email');
29 } else if (!preg_match("/^[a-z0-9\._-]+@+[a-z0-9\._-]+\.+[a-z]{2,6}$/i", $_POST['email'])) {
30 $msg->addError('EMAIL_INVALID');
32 $result = mysql_query("SELECT * FROM ".TABLE_PREFIX."members WHERE email LIKE '$_POST[email]'",$db);
33 if (mysql_num_rows($result) != 0) {
35 $msg->addError('EMAIL_EXISTS');
38 if ($missing_fields) {
39 $missing_fields = implode(', ', $missing_fields);
40 $msg->addError(array('EMPTY_FIELDS', $missing_fields));
43 if (!$msg->containsErrors()) {
44 // $_POST['password'] = $addslashes($_POST['password']);
45 $_POST['real_name'] = $addslashes($_POST['real_name']);
46 $_POST['email'] = $addslashes($_POST['email']);
48 $sql = "UPDATE ".TABLE_PREFIX."admins SET real_name='$_POST[real_name]', email='$_POST[email]', last_login=last_login WHERE login='$_SESSION[login]'";
49 $result = mysql_query($sql, $db);
51 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
52 header('Location: '.AT_BASE_HREF.'admin/index.php');
55 $_POST['real_name'] = $stripslashes($_POST['real_name']);
56 $_POST['email'] = $stripslashes($_POST['email']);
59 require(AT_INCLUDE_PATH.'header.inc.php');
61 $sql = "SELECT real_name, email FROM ".TABLE_PREFIX."admins WHERE login='$_SESSION[login]'";
62 $result = mysql_query($sql, $db);
63 if (!($row = mysql_fetch_assoc($result))) {
64 $msg->addError('USER_NOT_FOUND');
66 require(AT_INCLUDE_PATH.'footer.inc.php');
69 if (!isset($_POST['submit'])) {
71 // $_POST['confirm_password'] = $_POST['password'];
75 <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
76 <div class="input-form">
78 <label for="real_name"><?php echo _AT('real_name'); ?></label><br />
79 <input type="text" name="real_name" id="real_name" size="30" value="<?php echo htmlspecialchars($_POST['real_name']); ?>" />
83 <span class="required" title="<?php echo _AT('required_field'); ?>">*</span><label for="email"><?php echo _AT('email'); ?></label><br />
84 <input type="text" name="email" id="email" size="30" value="<?php echo htmlspecialchars($_POST['email']); ?>" />
87 <div class="row buttons">
88 <input type="submit" name="submit" value="<?php echo _AT('save'); ?>" accesskey="s" />
89 <input type="submit" name="cancel" value="<?php echo _AT('cancel'); ?>" />
94 <?php require(AT_INCLUDE_PATH.'footer.inc.php'); ?>