partstock/pages/user_settings.php

<?php

if (UserGetLogin() && UserGetLogin()!="root")
{
  //////////////////
  //global content
  if ($ToDo=="SaveSettings")
  {
    //get vars
    $Login     = (isset($_POST['Login']))    ? $_POST['Login']:"";
    $Password1 = (isset($_POST['Password1']))? $_POST['Password1']:"";
    $Password2 = (isset($_POST['Password2']))? $_POST['Password2']:"";
    $Language  = (isset($_POST['Language'])) ? $_POST['Language']:"";
    ($Template  = (isset($_POST['Template'])) ? $_POST['Template']:"");
        
    //check vars
    $Error=0;
    $UserExistQuery="SELECT * FROM `User` WHERE `Login` LIKE '$Login' AND `Id` != '$Id'";
    $UserExistQuery=mysqli_query($GlobalMysqlHandler, $UserExistQuery);
    if ($Login=="" || $Login=="root" || mysqli_num_rows($UserExistQuery))
    {
      $Error=1;
      MessageError(LangSpell('SentenceLoginForbidden'));
    }
    if ( ($Password1!=$Password2) || (trim($Password1)!=$Password1) )
    {
      $Error=1;
      MessageError(LangSpell('SentencePasswordForbidden'));
    }
    
    if (!$Error)
    {
      $UpdateQuery="UPDATE `User` SET `Login` = '$Login'".(($Password1) ? ", `Password` = '".md5($Password1)."'":"").", `Template` = '$Template', `Language` = '$Language' WHERE `User`.`Id` =".UserGetId()." LIMIT 1 ;";
      if (!mysqli_query($GlobalMysqlHandler, $UpdateQuery))
      {
        ErrorLog("[user_settings.php] Database error while update User table at Id = $Id!");
        MessageError(LangSpell('SentenceDatabaseError'));
        $Error=1;
      }
      else
      {
        MessageSuccess(LangSpell('SentenceUserUpdated'));
        if (trim($Password1)!="")
        {
          MessageWarning(LangSpell('SentencePasswordChangedWarning'));
        }
      }
    }
    UserLoadSettings();
  }

  //////////////////
  //global content
  $UserQuery="SELECT * FROM `User` WHERE `Id` = ".UserGetId();
  $UserQuery=mysqli_query($GlobalMysqlHandler, $UserQuery);
  $UserRecord=mysqli_fetch_array($UserQuery);
  
  $GlobalContent .= '<form action="index.php?Page=UserSettings&ToDo=SaveSettings" method="post">'."\n";
  $GlobalContent .= '<table>'."\n";

  $GlobalContent .= '  <tr>'."\n";
  $GlobalContent .= '    <th colspan="2">'.LangSpellHtml('UserSettingsTableHead').'</th>'."\n";
  $GlobalContent .= '  </tr>'."\n";

  $GlobalContent .= '  <tr>'."\n";
  $GlobalContent .= '    <th>Id</th>'."\n";
  $GlobalContent .= '    <td>'.$UserRecord['Id'].'</td>'."\n";
  $GlobalContent .= '  </tr>'."\n";

  $GlobalContent .= '  <tr>'."\n";
  $GlobalContent .= '    <th>'.LangSpellHtml('MenuLogin').'</th>'."\n";
  $GlobalContent .= '    <td><input type="text" name="Login" value="'.$UserRecord['Login'].'" title="'.LangSpellHtml('TagTitleEditUserLogin').'"></td>'."\n";
  $GlobalContent .= '  </tr>'."\n";

  $GlobalContent .= '  <tr>'."\n";
  $GlobalContent .= '    <th>'.LangSpellHtml('UserSettingsSetNewPassword').'</th>'."\n";
  $GlobalContent .= '    <td><input type="password" name="Password1" value="" title="'.LangSpellHtml('TagTitleEditUserPassword').'"></td>'."\n";
  $GlobalContent .= '  </tr>'."\n";

  $GlobalContent .= '  <tr>'."\n";
  $GlobalContent .= '    <th>'.LangSpellHtml('UserSettingsConfirmNewPassword').'</th>'."\n";
  $GlobalContent .= '    <td><input type="password" name="Password2" value="" title="'.LangSpellHtml('TagTitleEditUserPassword').'"></td>'."\n";
  $GlobalContent .= '  </tr>'."\n";

  $GlobalContent .= '  <tr>'."\n";
  $GlobalContent .= '    <th>'.LangSpellHtml('UserSettingsLanguage').'</th>'."\n";
  $GlobalContent .= '    <td><select name="Language" size="1">'."\n";
  $GlobalContent .= '     <option value="">'.LangSpellHtml('UserSettingsDefault').'</option>'."\n";
  $LanguageArray=LangGetAvailableLanguages();
  foreach ($LanguageArray as $Language)
  {
  $GlobalContent .= '     <option value="'.$Language.'" '.(($UserRecord['Language']==$Language)? "selected":"").'>'.$Language.'</option>'."\n";
  }
  $GlobalContent .= '    </select></td>'."\n";
  $GlobalContent .= '  </tr>'."\n";

  $GlobalContent .= '  <tr>'."\n";
  $GlobalContent .= '    <th>'.LangSpellHtml('UserSettingsTemplate').'</th>'."\n";
  $GlobalContent .= '    <td><select name="Template" size="1">'."\n";
  $GlobalContent .= '     <option value="">'.LangSpellHtml('UserSettingsDefault').'</option>'."\n";
  $TemplateArray=OtherGetAvailableTemplates();
  foreach ($TemplateArray as $Template)
  {
  $GlobalContent .= '     <option value="'.$Template.'" '.(($UserRecord['Template']==$Template)? "selected":"").'>'.$Template.'</option>'."\n";
  }
  $GlobalContent .= '    </select></td>'."\n";
  $GlobalContent .= '  </tr>'."\n";

  $GlobalContent .= '  <tr>'."\n";
  $GlobalContent .= '    <th> </th>'."\n";
  $GlobalContent .= '    <td><input type="submit" value="'.LangSpellHtml('ButtonSave').'" class="Button"></td>'."\n";
  $GlobalContent .= '  </tr>'."\n";

  $GlobalContent .= '</table>'."\n";
  $GlobalContent .= '</form>'."\n";
}
else
{
  MessageError(LangSpell("ScentenceNoUserRights"));
}
?>
initializing git repo 2018-12-17 17:50:23 +01:00			`<?php`

			`if (UserGetLogin() && UserGetLogin()!="root")`
			`{`
			`//////////////////`
			`//global content`
			`if ($ToDo=="SaveSettings")`
			`{`
			`//get vars`
			`$Login = (isset($_POST['Login'])) ? $_POST['Login']:"";`
			`$Password1 = (isset($_POST['Password1']))? $_POST['Password1']:"";`
			`$Password2 = (isset($_POST['Password2']))? $_POST['Password2']:"";`
			`$Language = (isset($_POST['Language'])) ? $_POST['Language']:"";`
			`($Template = (isset($_POST['Template'])) ? $_POST['Template']:"");`

			`//check vars`
			`$Error=0;`
			$UserExistQuery="SELECT * FROM `User` WHERE `Login` LIKE '$Login' AND `Id` != '$Id'";
			`$UserExistQuery=mysqli_query($GlobalMysqlHandler, $UserExistQuery);`
			`if ($Login=="" \|\| $Login=="root" \|\| mysqli_num_rows($UserExistQuery))`
			`{`
			`$Error=1;`
			`MessageError(LangSpell('SentenceLoginForbidden'));`
			`}`
			`if ( ($Password1!=$Password2) \|\| (trim($Password1)!=$Password1) )`
			`{`
			`$Error=1;`
			`MessageError(LangSpell('SentencePasswordForbidden'));`
			`}`

			`if (!$Error)`
			`{`
			$UpdateQuery="UPDATE `User` SET `Login` = '$Login'".(($Password1) ? ", `Password` = '".md5($Password1)."'":"").", `Template` = '$Template', `Language` = '$Language' WHERE `User`.`Id` =".UserGetId()." LIMIT 1 ;";
			`if (!mysqli_query($GlobalMysqlHandler, $UpdateQuery))`
			`{`
			`ErrorLog("[user_settings.php] Database error while update User table at Id = $Id!");`
			`MessageError(LangSpell('SentenceDatabaseError'));`
			`$Error=1;`
			`}`
			`else`
			`{`
			`MessageSuccess(LangSpell('SentenceUserUpdated'));`
			`if (trim($Password1)!="")`
			`{`
			`MessageWarning(LangSpell('SentencePasswordChangedWarning'));`
			`}`
			`}`
			`}`
			`UserLoadSettings();`
			`}`

			`//////////////////`
			`//global content`
			$UserQuery="SELECT * FROM `User` WHERE `Id` = ".UserGetId();
			`$UserQuery=mysqli_query($GlobalMysqlHandler, $UserQuery);`
			`$UserRecord=mysqli_fetch_array($UserQuery);`

			`$GlobalContent .= '<form action="index.php?Page=UserSettings&ToDo=SaveSettings" method="post">'."\n";`
			`$GlobalContent .= '<table>'."\n";`

			`$GlobalContent .= ' <tr>'."\n";`
			`$GlobalContent .= ' <th colspan="2">'.LangSpellHtml('UserSettingsTableHead').'</th>'."\n";`
			`$GlobalContent .= ' </tr>'."\n";`

			`$GlobalContent .= ' <tr>'."\n";`
			`$GlobalContent .= ' <th>Id</th>'."\n";`
			`$GlobalContent .= ' <td>'.$UserRecord['Id'].'</td>'."\n";`
			`$GlobalContent .= ' </tr>'."\n";`

			`$GlobalContent .= ' <tr>'."\n";`
			`$GlobalContent .= ' <th>'.LangSpellHtml('MenuLogin').'</th>'."\n";`
			`$GlobalContent .= ' <td><input type="text" name="Login" value="'.$UserRecord['Login'].'" title="'.LangSpellHtml('TagTitleEditUserLogin').'"></td>'."\n";`
			`$GlobalContent .= ' </tr>'."\n";`

			`$GlobalContent .= ' <tr>'."\n";`
			`$GlobalContent .= ' <th>'.LangSpellHtml('UserSettingsSetNewPassword').'</th>'."\n";`
			`$GlobalContent .= ' <td><input type="password" name="Password1" value="" title="'.LangSpellHtml('TagTitleEditUserPassword').'"></td>'."\n";`
			`$GlobalContent .= ' </tr>'."\n";`

			`$GlobalContent .= ' <tr>'."\n";`
			`$GlobalContent .= ' <th>'.LangSpellHtml('UserSettingsConfirmNewPassword').'</th>'."\n";`
			`$GlobalContent .= ' <td><input type="password" name="Password2" value="" title="'.LangSpellHtml('TagTitleEditUserPassword').'"></td>'."\n";`
			`$GlobalContent .= ' </tr>'."\n";`

			`$GlobalContent .= ' <tr>'."\n";`
			`$GlobalContent .= ' <th>'.LangSpellHtml('UserSettingsLanguage').'</th>'."\n";`
			`$GlobalContent .= ' <td><select name="Language" size="1">'."\n";`
			`$GlobalContent .= ' <option value="">'.LangSpellHtml('UserSettingsDefault').'</option>'."\n";`
			`$LanguageArray=LangGetAvailableLanguages();`
			`foreach ($LanguageArray as $Language)`
			`{`
			`$GlobalContent .= ' <option value="'.$Language.'" '.(($UserRecord['Language']==$Language)? "selected":"").'>'.$Language.'</option>'."\n";`
			`}`
			`$GlobalContent .= ' </select></td>'."\n";`
			`$GlobalContent .= ' </tr>'."\n";`

			`$GlobalContent .= ' <tr>'."\n";`
			`$GlobalContent .= ' <th>'.LangSpellHtml('UserSettingsTemplate').'</th>'."\n";`
			`$GlobalContent .= ' <td><select name="Template" size="1">'."\n";`
			`$GlobalContent .= ' <option value="">'.LangSpellHtml('UserSettingsDefault').'</option>'."\n";`
			`$TemplateArray=OtherGetAvailableTemplates();`
			`foreach ($TemplateArray as $Template)`
			`{`
			`$GlobalContent .= ' <option value="'.$Template.'" '.(($UserRecord['Template']==$Template)? "selected":"").'>'.$Template.'</option>'."\n";`
			`}`
			`$GlobalContent .= ' </select></td>'."\n";`
			`$GlobalContent .= ' </tr>'."\n";`

			`$GlobalContent .= ' <tr>'."\n";`
			`$GlobalContent .= ' <th> </th>'."\n";`
			`$GlobalContent .= ' <td><input type="submit" value="'.LangSpellHtml('ButtonSave').'" class="Button"></td>'."\n";`
			`$GlobalContent .= ' </tr>'."\n";`

			`$GlobalContent .= '</table>'."\n";`
			`$GlobalContent .= '</form>'."\n";`
			`}`
			`else`
			`{`
			`MessageError(LangSpell("ScentenceNoUserRights"));`
			`}`
			`?>`