<?php
include('SQLFunctions.php');
include('session.php');
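/*
 * Profile update handler: validates the posted profile fields and writes them
 * to users_enc, recording the signed-in user's username in updated_By.
 *
 * Security-relevant behaviour of this block:
 *  - every value reaches MySQL as a bound parameter, never as SQL text;
 *  - any validation failure (including the password checks) blocks the UPDATE;
 *  - database errors are written to the server log, not echoed to the browser.
 *
 * NOTE(review): the row to update is chosen by the posted userID, not by the
 * session. Nothing in this file checks that the signed-in user is allowed to
 * edit that account - confirm that session.php or the calling page restricts
 * this handler (the redirect to displayUsers.php suggests an admin screen).
 * NOTE(review): no anti-CSRF token is checked here - confirm it is handled
 * elsewhere.
 */
// Assumes userID is numeric (the original query used it unquoted) - TODO confirm.
$AUserID = isset($_SESSION['userID']) ? (int) $_SESSION['userID'] : 0;
$link = f_sqlConnect();
$title = "Update User Commit";
$message = '';

/* Resolve the acting user's username for the updated_By audit column. */
$AUsername = '';
$lookup = mysqli_prepare($link, 'SELECT username FROM users_enc WHERE userID = ?');
if ($lookup) {
    mysqli_stmt_bind_param($lookup, 'i', $AUserID);
    if (mysqli_stmt_execute($lookup)) {
        mysqli_stmt_bind_result($lookup, $foundUsername);
        while (mysqli_stmt_fetch($lookup)) {
            $AUsername = $foundUsername;
        }
    }
    mysqli_stmt_close($lookup);
}

/* Read a POST field as a string; missing or array-valued fields become ''. */
$postField = function ($name) {
    return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
};

$rawUsername = $postField('username');
$rawCompany  = $postField('Company');
$rawEmail    = $postField('Email');
$newPassword = $postField('Password');

/* '1' when a new password was submitted, '0' when the password is left as is. */
$pwd = ($newPassword !== '') ? '1' : '0';

$targetId = filter_var(
    $postField('userID'),
    FILTER_VALIDATE_INT,
    array('options' => array('min_range' => 1))
);

/* One chain, so the first failing rule sets $message and nothing is written. */
if (!isset($_POST['username']) || !is_string($_POST['username'])) {
    $message = 'Please enter a valid username';
} elseif (strlen($rawUsername) > 20 || strlen($rawUsername) < 4) {
    $message = 'incorrect length for Username';
} elseif (!ctype_alnum($rawUsername)) {
    $message = "Username must be alpha numeric";
} elseif (!ctype_alnum($rawCompany)) {
    $message = "Company must be alpha numeric";
} elseif (filter_var($rawEmail, FILTER_VALIDATE_EMAIL) === false) {
    $message = "Email is not a valid email address";
} elseif ($pwd === '1' && !ctype_alnum($newPassword)) {
    $message = "Password must be alpha numeric";
} elseif ($pwd === '1' && $newPassword !== $postField('ConPwd')) {
    /* Strict comparison: loose comparison treats numeric-looking strings
       such as "1e3" and "1000" as equal. */
    $message = 'Confirmation password does not match new password';
} elseif ($targetId === false) {
    $message = 'Invalid user ID';
} else {
    /* Username and Company are already restricted to [A-Za-z0-9]. */
    $Username = $rawUsername;
    $company  = $rawCompany;

    /* FILTER_SANITIZE_STRING is kept so stored values keep the format the
       rest of the application was written against (tags stripped, quotes
       encoded). It is deprecated as of PHP 8.1; before replacing it, check
       how the display pages escape these columns on output. */
    $firstname = filter_var($postField('firstname'), FILTER_SANITIZE_STRING);
    $lastname  = filter_var($postField('lastname'), FILTER_SANITIZE_STRING);
    $SecA      = filter_var($postField('SecA'), FILTER_SANITIZE_STRING);
    $Email     = filter_var($rawEmail, FILTER_SANITIZE_EMAIL);
    $SecQ      = $postField('SecQ');
    /* NOTE(review): SecA is stored as submitted, so it is readable by anyone
       with access to the table; if it is used for account recovery it
       deserves the same treatment as a password. */

    /* The two original branches gave different failure texts; keep them. */
    $failure = ($pwd === '1') ? 'Unable to process request2' : 'Unable to process request1';
    $updated = false;

    try {
        if ($pwd === '1') {
            /* The password is alphanumeric at this point, so it is hashed as
               typed. bcrypt only uses the first 72 bytes of its input. */
            $Password = password_hash($newPassword, PASSWORD_BCRYPT);
            $stmt = mysqli_prepare(
                $link,
                'UPDATE users_enc
                    SET Username = ?, firstname = ?, lastname = ?, Email = ?,
                        Company = ?, SecQ = ?, SecA = ?, updated_By = ?,
                        Password = ?, LastUpdated = NOW()
                  WHERE UserID = ?'
            );
            if ($stmt) {
                mysqli_stmt_bind_param(
                    $stmt,
                    'sssssssssi',
                    $Username,
                    $firstname,
                    $lastname,
                    $Email,
                    $company,
                    $SecQ,
                    $SecA,
                    $AUsername,
                    $Password,
                    $targetId
                );
            }
        } else {
            $stmt = mysqli_prepare(
                $link,
                'UPDATE users_enc
                    SET Username = ?, firstname = ?, lastname = ?, Email = ?,
                        Company = ?, SecQ = ?, SecA = ?, updated_By = ?,
                        LastUpdated = NOW()
                  WHERE UserID = ?'
            );
            if ($stmt) {
                mysqli_stmt_bind_param(
                    $stmt,
                    'ssssssssi',
                    $Username,
                    $firstname,
                    $lastname,
                    $Email,
                    $company,
                    $SecQ,
                    $SecA,
                    $AUsername,
                    $targetId
                );
            }
        }

        if ($stmt && mysqli_stmt_execute($stmt)) {
            $updated = true;
            header('location: displayUsers.php');
        } else {
            /* Driver detail goes to the server log only; the response carries
               neither the statement nor the database error text. */
            error_log('UpdateProfileCommit: ' . mysqli_error($link));
            $message = $failure;
            echo "<br>Error: " . $failure;
        }

        if ($stmt) {
            mysqli_stmt_close($stmt);
        }
        mysqli_close($link);
    } catch (Exception $e) {
        error_log('UpdateProfileCommit: ' . $e->getMessage());
        $message = $failure;
    }

    if ($updated) {
        /* Stop here so nothing else is emitted after the redirect header. */
        exit;
    }
}
/* $message is set for the error page below, which is currently commented out,
   so validation failures produce no visible output. */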
// include('filestart.php');
// echo "
// <div class='container page-header'>
// <h1 class='page-title'>Error</h1>
// </div>
// <div class='container'>
// <p style='text-align:center'>$message</p>
// </div>";
// include('fileend.php');