account_change.php
<?php
include_once ('config/database.php');
include_once 'error_checking.php';
include_once 'comment.php';
include_once ('config/session.php');
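// Handle the "Save" submission of the account form for the signed-in user.
// Flow: validate the POST fields, entity-encode the values, hash the password,
// UPDATE the users row keyed by the session id, then send a notification mail.
// NOTE(review): the form that posts here carries no anti-CSRF token, and this
// handler does not ask for the current password before replacing it. Both are
// worth adding; confirm what config/session.php already provides.
if (isset($_POST['save']) && isset($_SESSION['username'])) {
    $form_errors = array();

    // Validation helpers come from error_checking.php; each returns a list of messages.
    $required_fields = array('fname', 'lname', 'email', 'username', 'password');
    $form_errors = array_merge($form_errors, check_empty_fields($required_fields));

    $fields_to_check_length = array('username' => 4, 'password' => 6);
    $form_errors = array_merge($form_errors, check_min_length($fields_to_check_length));

    $form_errors = array_merge($form_errors, check_email($_POST));

    if (empty($form_errors)) {
        // NOTE(review): the guard above checks $_SESSION['username'] but the row is
        // selected by $_SESSION['id']; presumably both are set at login — confirm.
        $ID = $_SESSION['id'];

        // Values are stored entity-encoded, as elsewhere in this handler's design.
        $fname = htmlentities($_POST['fname']);
        $lname = htmlentities($_POST['lname']);
        $username = htmlentities($_POST['username']);
        $email = htmlentities($_POST['email']);

        // NOTE(review): entity-encoding the password changes the bytes that get hashed
        // ('<' becomes '&lt;') and can lengthen it towards bcrypt's 72-byte input limit.
        // Kept as-is because the login path may hash the same encoded form; confirm
        // before hashing the raw value instead.
        $password = htmlentities($_POST['password']);

        // The checkbox is labelled "Do not send me emails"; the flag is stored as a string.
        $email_pref = isset($_POST['email_pref']) ? "true" : "false";

        $hashed_password = password_hash($password, PASSWORD_BCRYPT);

        try {
            $stmt = $db->prepare('UPDATE users SET fname = :fname, lname = :lname, username = :username, email = :email, email_pref = :email_pref, password = :hashed_password WHERE ID = :ID');
            $stmt->bindParam(':fname', $fname);
            $stmt->bindParam(':lname', $lname);
            $stmt->bindParam(':username', $username);
            $stmt->bindParam(':email', $email);
            $stmt->bindParam(':email_pref', $email_pref);
            $stmt->bindParam(':hashed_password', $hashed_password);
            $stmt->bindParam(':ID', $ID);
            $stmt->execute();

            // The notification no longer carries the password: mail is stored and relayed
            // in clear text, so a password in the body outlives the hash kept in the database.
            $mailbody = '
Changes were Made to your account!
Your account has been updated. If you did not make this change, change your password immediately.
------------------------
Username: '.$username.'
------------------------
Thank you!';
            mail("$email", "www.noreply@camagru.com - Account updated", $mailbody);

            $result = "<p style='padding: 20px; color: green;'>Account was successfully updated!</p>";
        } catch (PDOException $er) {
            // Driver messages can reveal table, column and constraint names, so the detail
            // goes to the server log and the page shows a generic message.
            error_log('account_change.php: account update failed: ' . $er->getMessage());
            $result = "<p style='padding: 20px; color: red'>An error occurred while updating your account. Please try again later. </p>";
        }
    } else {
        // Summary line only; the individual messages are rendered by show_errors() in the template.
        if (count($form_errors) === 1) {
            $result = "<p style='color: red;'> There was 1 error in the form<br>";
        } else {
            $result = "<p style='color: red;'> There were " . count($form_errors) . " errors in the form <br>";
        }
    }
}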
?>
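<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="style/style.css" />
<title>Account Update</title>
</head>
<body>
<header>
<div class="cat">
<ul>
<li class="name">CAMAGURU</li>
<li><a href="index.php">Home</a></li>
<li><a href="gallery.php">Gallery</a></li>
<?php include_once('loga.php');?>
</ul>
</div>
</header>
<div class="mainC">
<h1>Account Update</h1>
<?php
// $result is HTML assembled by the handler at the top of this file and is echoed
// as markup, so anything interpolated into it must already be escaped.
if (isset($result)) echo "<b>$result </b>";
?>
<?php if(!empty($form_errors)) echo show_errors($form_errors); ?>
<!-- Client-side constraints mirror the server-side checks (all fields required,
     username at least 4 characters, password at least 6). They are a convenience
     only; the handler still validates every field. -->
<form class="Regform" method="POST">
First name<br>
<input type="text" name="fname" placeholder="First name" required>
<br>
Last name<br>
<input type="text" name="lname" placeholder="Last name" required>
<br>
Email<br>
<input type="email" name="email" placeholder="E-mail" required>
<br>
Username<br>
<input type="text" name="username" placeholder="Username" minlength="4" required>
<br>
Password<br>
<input type="password" name="password" placeholder="Password" minlength="6" autocomplete="new-password" required>
<br><br>
<input type="checkbox" name="email_pref" value="Notify" style="height: 1.5vh; width: 1.5vw;">Do not send me emails<br><br>
<button type="submit" name="save" value="save">Save</button>
</form>
</div>
</body>
</html>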