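<?php
/**
 * Account update handler for a logged-in client.
 *
 * Handles two POST forms in one script:
 *   - personal information (name, first name, address, email) -> updates the
 *     matching CLIENTS row;
 *   - password change (old / new / confirmation) -> verifies the old password
 *     with chk_password() and stores a password_hash() of the new one.
 *
 * Relies on names defined outside this file: $is_logged_in, $connection,
 * redirect(), get_client_id() and chk_password().
 *
 * NOTE(review): no anti-CSRF token is verified in this file. Confirm that the
 * including page checks one before a state-changing POST reaches this handler.
 */

// Personal-information fields. filter_input() yields null when the field is
// absent from the POST body and false when the filter rejects the value.
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; output
// escaping at render time is the durable replacement.
$form_name = filter_input(INPUT_POST, "name", FILTER_SANITIZE_STRING);
$form_firstname = filter_input(INPUT_POST, "firstname", FILTER_SANITIZE_STRING);
$form_numstreet = filter_input(INPUT_POST, "numstreet", FILTER_VALIDATE_INT);
$form_street = filter_input(INPUT_POST, "street", FILTER_SANITIZE_STRING);
// NOTE(review): values with a leading zero do not validate as integers, so a
// postal code such as "01000" is rejected here - confirm this is intended.
$form_postalcode = filter_input(INPUT_POST, "postalcode", FILTER_VALIDATE_INT);
$form_city = filter_input(INPUT_POST, "city", FILTER_SANITIZE_STRING);
$form_email = filter_input(INPUT_POST, "email", FILTER_VALIDATE_EMAIL);

// Password-change fields.
// NOTE(review): FILTER_SANITIZE_STRING strips tags and encodes quotes, so the
// value that gets hashed can differ from what the user typed. Passwords are
// normally taken unmodified; switching filters has to be coordinated with the
// registration and login code so that existing hashes still verify.
$form_oldpassword = filter_input(INPUT_POST, "oldpassword", FILTER_SANITIZE_STRING);
$form_password = filter_input(INPUT_POST, "password", FILTER_SANITIZE_STRING);
$form_confirmpassword = filter_input(INPUT_POST, "confirmpassword", FILTER_SANITIZE_STRING);

global $is_logged_in;
if (!$is_logged_in) {
    echo "Please login first. <br>";
    // The Referer header is optional and client-controlled: default to null
    // when it is missing instead of reading an undefined index.
    // NOTE(review): whatever later consumes login_referer should accept only
    // same-site targets before redirecting to it.
    $_SESSION['login_referer'] = $_SERVER['HTTP_REFERER'] ?? null;
    redirect("index.php?page=login", 2);
    // Stop processing for unauthenticated requests, so that no form validation
    // runs and no unrelated error message is printed below. In an included
    // file, return hands control back to the including script.
    return;
}

$input_failure = false;
$password_failure = false;

// The three checks below only apply when the personal-information form was
// submitted; the presence of the "street" field is used as that signal.
if (isset($form_street) && !$form_numstreet) {
    echo "The street number is not valid. <br>" ;
    $input_failure = true;
}
if (isset($form_street) && !$form_postalcode) {
    echo "The postal code is not valid. <br>";
    $input_failure = true;
}
if (isset($form_street) && !$form_email) {
    echo "The email is not valid. <br>";
    $input_failure = true;
}

if (isset($form_oldpassword) && isset($form_password)
    && strcmp((string) $form_oldpassword, (string) $form_password) === 0) {
    echo "Old and new password are the same. <br>";
    $password_failure = true;
}

// Explicit string casts keep the comparison result unchanged while avoiding
// the PHP 8.1 deprecation for passing null to strcmp() when the password form
// was not submitted.
if (strcmp((string) $form_password, (string) $form_confirmpassword) !== 0) {
    echo "Password do not match. <br>";
    $password_failure = true;
}

if (!empty($form_name) && !empty($form_firstname) && !empty($form_numstreet) && !empty($form_street) &&
    !empty($form_postalcode) && !empty($form_city) && !empty($form_email) &&
    !$input_failure && $is_logged_in) {
    // Personal-information update. All values are bound as parameters, never
    // concatenated into the SQL text.
    // NOTE(review): the account email is changed without re-entering the
    // current password, and $_SESSION['email'] is not refreshed afterwards.
    // If get_client_id() resolves the client by email, later lookups in this
    // session may miss the row - verify against get_client_id().
    global $connection;
    $client_id = get_client_id($_SESSION['email']);
    $sql_pquery = "update CLIENTS
        set NomCl = ?, PrenomCl = ?, EmailCl = ?, NumRueCl = ?, NomRueCl = ?, CodePosteCl = ?, VilleCl = ?
        where NumCl = ?";
    $connection->prepare_query($sql_pquery);
    $connection->prepared_query_bind_param("sssisisi", array($form_name, $form_firstname, $form_email, $form_numstreet, $form_street, $form_postalcode, $form_city, $client_id));
    // NOTE(review): the outcome of the query is not inspected; the success
    // message below is printed regardless.
    $connection->run_prepared_query();
    $connection->close_prepared_query();
    echo "You've updated your personal informations, you will be redirected to your account in 3 seconds. <br>";
    redirect("index.php?page=account", 3);
} elseif (!empty($form_oldpassword) && !empty($form_password) && !empty($form_confirmpassword) &&
    !$password_failure && $is_logged_in) {
    // Password change: the old password must verify before the new hash is
    // written.
    if (chk_password($_SESSION['email'], $form_oldpassword)) {
        global $connection;
        $client_id = get_client_id($_SESSION['email']);
        $hashed_password = password_hash($form_password, PASSWORD_DEFAULT);
        $sql_pquery = "update CLIENTS
            set PasswordCl = ?
            where NumCl = ?";
        $connection->prepare_query($sql_pquery);
        $connection->prepared_query_bind_param("si", array($hashed_password, $client_id));
        $connection->run_prepared_query();
        $connection->close_prepared_query();
        // NOTE(review): the session id is not regenerated and other sessions
        // of the same account are not invalidated in this file after a
        // password change - confirm whether that is handled elsewhere.
        echo "You've successfully updated your password. <br>";
        redirect("index.php?page=account", 3);
    } else {
        // NOTE(review): failed old-password attempts are not counted or
        // throttled in this file - confirm whether chk_password() does so.
        echo "Your old password is incorrect. <br>";
        redirect("index.php?page=account&action=modifypassword", 3);
    }
} else {
    echo "There's a required non filled field or the input in a field do not match the required pattern. <br>";
    echo "<a href=\"javascript:history.go(-1)\">Retour</a>";
}

?>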