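0) { $row = mysqli_fetch_array($result); } else { header ("Location: logout.php"); exit(); }

// ---------------------------------------------------------------------------
// Profile update (action=editprofile).
//
// String fields are escaped with mysqli_real_escape_string() and single-quoted
// in the UPDATE; country and newsletter are forced to integers.
//
// NOTE(review): $userid is assigned outside this view and is interpolated into
// both UPDATE statements below - confirm it is integer-cast or escaped where it
// is set.
// NOTE(review): no anti-CSRF token is verified in the visible code before
// either state change, and the e-mail address can be changed here without the
// current password - confirm a token check is enforced by an include outside
// this view.
// ---------------------------------------------------------------------------
if (isset($_POST['action']) && $_POST['action'] === "editprofile") {
    // Unescaped copies are kept for the non-SQL uses further down (session
    // value, phone comparison); only the escaped copies go into the query.
    // presumably getPostParameter() returns a string - verify against its definition
    $fname_raw = ucfirst(strtolower(getPostParameter('fname')));
    $phone_raw = (string)getPostParameter('phone');

    $fname      = mysqli_real_escape_string($conn, $fname_raw);
    $lname      = mysqli_real_escape_string($conn, ucfirst(strtolower(getPostParameter('lname'))));
    $email      = mysqli_real_escape_string($conn, strtolower(getPostParameter('email')));
    $address    = mysqli_real_escape_string($conn, getPostParameter('address'));
    $address2   = mysqli_real_escape_string($conn, getPostParameter('address2'));
    $city       = mysqli_real_escape_string($conn, getPostParameter('city'));
    $state      = mysqli_real_escape_string($conn, getPostParameter('state'));
    $zip        = mysqli_real_escape_string($conn, getPostParameter('zip'));
    $country    = (int)getPostParameter('country');
    $phone      = mysqli_real_escape_string($conn, $phone_raw);
    $newsletter = (int)getPostParameter('newsletter');

    $errs = array();

    // First name, last name and e-mail are mandatory.
    if (!($fname && $lname && $email)) {
        $errs[] = CBE1_MYPROFILE_ERR;
    }

    // Accepts the same strings as the previous pattern. The nested quantifiers
    // "([...]+)+" were flattened because they can backtrack catastrophically
    // on a long input that fails near the end.
    if ($email != "" && !preg_match('/^[a-zA-Z0-9]+[a-zA-Z0-9._-]*@[a-zA-Z0-9_-]+[a-zA-Z0-9._-]+$/', $email)) {
        $errs[] = CBE1_MYPROFILE_ERR1;
    }

    if (count($errs) === 0) {
        // Reset phone verification whenever the stored number would change.
        // The comparison is strict and on the unescaped value: a loose "!="
        // compares numeric strings as numbers, so "0123" or "1e3" would count
        // as unchanged against "123" / "1000" and keep verified_phone set.
        $phone_changed = ($phone_raw !== (string)$row['phone']);

        if (PHONE_VERIFICATION == 1 && $row['phone'] != "" && $phone_changed) {
            $add_sql = ", verified_phone='0'";
        } else {
            $add_sql = "";
        }

        $up_query = "UPDATE exchangerix_users SET email='$email', fname='$fname', lname='$lname', address='$address', address2='$address2', city='$city', state='$state', zip='$zip', country='$country', phone='$phone', newsletter='$newsletter' $add_sql WHERE user_id='$userid' LIMIT 1";

        if (smart_mysql_query($up_query)) {
            // Store the unescaped name: the SQL-escaped copy carries backslashes
            // that the database strips on write, so the session would otherwise
            // differ from the saved value.
            // NOTE(review): confirm this value is HTML-escaped wherever it is printed.
            $_SESSION['FirstName'] = $fname_raw;

            header("Location: myprofile.php?msg=1");
            exit();
        }
    }
}

// ---------------------------------------------------------------------------
// Password change (action=changepwd).
//
// The current password is checked by recomputing PasswordEncryption() and
// comparing it with the stored value, so that function has to be deterministic
// for a given input.
// NOTE(review): PasswordEncryption() is defined outside this view - confirm it
// is a salted, slow password hash; a move to password_hash()/password_verify()
// would replace the equality check below.
// NOTE(review): all three passwords are SQL-escaped before hashing and before
// the length checks, so a quote or backslash changes both the hash input and
// the measured length. Left as is because login and registration may hash the
// same escaped form - confirm and migrate them together.
// ---------------------------------------------------------------------------
if (isset($_POST['action']) && $_POST['action'] === "changepwd") {
    $pwd     = mysqli_real_escape_string($conn, getPostParameter('password'));
    $newpwd  = mysqli_real_escape_string($conn, getPostParameter('newpassword'));
    $newpwd2 = mysqli_real_escape_string($conn, getPostParameter('newpassword2'));

    $errs2 = array();

    if (!($pwd && $newpwd && $newpwd2)) {
        // All three fields are required.
        $errs2[] = CBE1_MYPROFILE_ERR0;
    } else {
        // The current password must match the stored hash.
        if (PasswordEncryption($pwd) !== $row['password']) {
            $errs2[] = CBE1_MYPROFILE_ERR2;
        }

        // Both copies are identical once the first test passes, so one length
        // check covers both.
        $newpwd_len = strlen($newpwd);

        if ($newpwd !== $newpwd2) {
            $errs2[] = CBE1_MYPROFILE_ERR3;
        } elseif ($newpwd_len < 6 || $newpwd_len > 20) {
            $errs2[] = CBE1_MYPROFILE_ERR4;
        } elseif (strpos($newpwd, ' ') !== false) {
            // Spaces are not allowed in the new password.
            $errs2[] = CBE1_MYPROFILE_ERR5;
        }
    }

    if (count($errs2) === 0) {
        // The hash is escaped as well: a no-op for hex/base64 output, and it
        // keeps the statement well-formed if the function ever returns a quote
        // or backslash.
        $new_hash = mysqli_real_escape_string($conn, PasswordEncryption($newpwd));

        $upp_query = "UPDATE exchangerix_users SET password='".$new_hash."' WHERE user_id='$userid' LIMIT 1";

        if (smart_mysql_query($upp_query)) {
            // NOTE(review): the session is not regenerated here and nothing in
            // the visible code invalidates other sessions of this account after
            // the change - confirm whether that is intended.
            header("Location: myprofile.php?msg=2");
            exit();
        }
    }
}

/////////////// Page config ///////////////
$PAGE_TITLE = CBE1_MYPROFILE_TITLE;

require_once ("inc/header.inc.php");

?>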

0) { foreach ($errs as $errorname) { $allerrors .= $errorname."
\n"; } echo "
".$allerrors."
"; } ?>


0) { foreach ($errs2 as $errorname) { $allerrors .= $errorname."
\n"; } echo "
".$allerrors."
"; } ?>