diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/func/change_info.php b/code/ryzom/tools/server/ryzom_ams/www/html/func/change_info.php index c19c418c3..45ee8f929 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/func/change_info.php +++ b/code/ryzom/tools/server/ryzom_ams/www/html/func/change_info.php @@ -17,64 +17,53 @@ function change_info(){ } $webUser = new WebUsers(); + //use current info to check for changes $current_info = $webUser->getInfo($_POST['target_id']); //TODO: XSS filtering + + //make the query that will update the data. + $updated = false; + $values = Array(); + $values['user'] = $target_username; $query = "UPDATE ams_user SET "; if(($_POST['FirstName'] != "") && ($_POST['FirstName'] != $current_info['FirstName'])){ $query = $query . "FirstName = :fName "; + $updated = true; + $values['fName'] = $_POST['FirstName']; } if(($_POST['LastName'] != "") && ($_POST['LastName'] != $current_info['LastName'])){ $query = $query . "LastName = :lName "; + $updated = true; + $values['lName'] = $_POST['LastName']; } //TODO: add the other fields too $query = $query . "WHERE Login = :user"; - - print($query); - exit; - - - - $reply = $webUser->checkEmail($_POST['NewEmail']); - if ( $reply != "success" ){ - $result['EMAIL_ERROR'] = 'TRUE'; - }else{ - $result['EMAIL_ERROR'] = 'FALSE'; - } - $result['prevNewEmail'] = $_POST["NewEmail"]; - - if ($reply== "success"){ - $status = WebUsers::setEmail($target_username, $_POST["NewEmail"] ); - if($status == 'ok'){ - $result['SUCCESS_MAIL'] = "OK"; - }else if($status == 'shardoffline'){ - $result['SUCCESS_MAIL'] = "SHARDOFF"; - } - $result['permission'] = $_SESSION['permission']; - $result['no_visible_elements'] = 'FALSE'; - $result['target_id'] = $_POST['target_id']; - if(isset($_GET['id'])){ - if(WebUsers::isAdmin() && ($_POST['target_id'] != $_SESSION['id'])){ - $result['isAdmin'] = "TRUE"; - } - } - helpers :: loadtemplate( 'settings', $result); - exit; - - }else{ - $result['EMAIL'] = $reply; - $result['permission'] = $_SESSION['permission']; - $result['no_visible_elements'] = 'FALSE'; - $return['username'] = $_SESSION['user']; - $result['target_id'] = $_POST['target_id']; - if(isset($_GET['id'])){ - if(WebUsers::isAdmin() && ($_POST['target_id'] != $_SESSION['id'])){ - $result['isAdmin'] = "TRUE"; - } - } - helpers :: loadtemplate( 'settings', $result); - exit; + //if some field is update then: + if($updated){ + global $cfg; + //execute the query in the web DB. + $dbw = new DBLayer($cfg['db']['web']); + $dbw->execute($query,$values); } + + global $SITEBASE; + require_once($SITEBASE . 'inc/settings.php'); + $result = settings(); + if($updated){ + $result['info_updated'] = "OK"; + } + $result['permission'] = $_SESSION['permission']; + $result['username'] = $_SESSION['user']; + $result['no_visible_elements'] = 'FALSE'; + $result['target_id'] = $_POST['target_id']; + if(isset($_GET['id'])){ + if(WebUsers::isAdmin() && ($_POST['target_id'] != $_SESSION['id'])){ + $result['isAdmin'] = "TRUE"; + } + } + helpers :: loadtemplate( 'settings', $result); + exit; }else{ //ERROR: permission denied! diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/func/change_mail.php b/code/ryzom/tools/server/ryzom_ams/www/html/func/change_mail.php index 99a173519..dafcd6975 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/func/change_mail.php +++ b/code/ryzom/tools/server/ryzom_ams/www/html/func/change_mail.php @@ -18,6 +18,11 @@ function change_mail(){ $webUser = new WebUsers(); $reply = $webUser->checkEmail($_POST['NewEmail']); + + global $SITEBASE; + require_once($SITEBASE . 'inc/settings.php'); + $result = settings(); + if ( $reply != "success" ){ $result['EMAIL_ERROR'] = 'TRUE'; }else{ @@ -34,6 +39,7 @@ function change_mail(){ } $result['permission'] = $_SESSION['permission']; $result['no_visible_elements'] = 'FALSE'; + $result['username'] = $_SESSION['user']; $result['target_id'] = $_POST['target_id']; if(isset($_GET['id'])){ if(WebUsers::isAdmin() && ($_POST['target_id'] != $_SESSION['id'])){ @@ -47,7 +53,7 @@ function change_mail(){ $result['EMAIL'] = $reply; $result['permission'] = $_SESSION['permission']; $result['no_visible_elements'] = 'FALSE'; - $return['username'] = $_SESSION['user']; + $result['username'] = $_SESSION['user']; $result['target_id'] = $_POST['target_id']; if(isset($_GET['id'])){ if(WebUsers::isAdmin() && ($_POST['target_id'] != $_SESSION['id'])){ diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/func/change_password.php b/code/ryzom/tools/server/ryzom_ams/www/html/func/change_password.php index cbeb4306a..3008849b1 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/func/change_password.php +++ b/code/ryzom/tools/server/ryzom_ams/www/html/func/change_password.php @@ -24,7 +24,9 @@ function change_password(){ $result = $webUser->check_change_password($params); if ($result == "success"){ //edit stuff into db - + global $SITEBASE; + require_once($SITEBASE . 'inc/settings.php'); + $succresult = settings(); $hashpass = crypt($_POST["NewPass"], WebUsers::generateSALT()); $status = WebUsers::setPassword($target_username, $hashpass); if($status == 'ok'){ @@ -34,17 +36,12 @@ function change_password(){ } $succresult['permission'] = $_SESSION['permission']; $succresult['no_visible_elements'] = 'FALSE'; + $succresult['username'] = $_SESSION['user']; $succresult['target_id'] = $_POST['target_id']; - if(isset($_GET['id'])){ - if(WebUsers::isAdmin() && ($_POST['target_id'] != $_SESSION['id'])){ - $succresult['isAdmin'] = "TRUE"; - } - } helpers :: loadtemplate( 'settings', $succresult); exit; }else{ - $result['prevCurrentPass'] = $_POST["CurrentPass"]; $result['prevNewPass'] = $_POST["NewPass"]; $result['prevConfirmNewPass'] = $_POST["ConfirmNewPass"]; @@ -52,11 +49,12 @@ function change_password(){ $result['no_visible_elements'] = 'FALSE'; $return['username'] = $_SESSION['user']; $result['target_id'] = $_POST['target_id']; - if(isset($_GET['id'])){ - if(WebUsers::isAdmin() && ($_POST['target_id'] != $_SESSION['id'])){ - $result['isAdmin'] = "TRUE"; - } - } + + global $SITEBASE; + require_once($SITEBASE . 'inc/settings.php'); + $settings = settings(); + + $result = array_merge($result,$settings); helpers :: loadtemplate( 'settings', $result); exit; } diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/templates/settings.tpl b/code/ryzom/tools/server/ryzom_ams/www/html/templates/settings.tpl index 4ab3a2697..ceec3aa76 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/templates/settings.tpl +++ b/code/ryzom/tools/server/ryzom_ams/www/html/templates/settings.tpl @@ -437,7 +437,12 @@ - + {if isset($info_updated) and $info_updated eq "OK"} +