-
Notifications
You must be signed in to change notification settings - Fork 0
/
change.php
executable file
·148 lines (131 loc) · 5.64 KB
/
change.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
<?php
session_start();
/*
* Starts the session if there is one
*/
if (isset($_POST['submit'])) {
/*
* If the variable "submit" is set, meaning that there was a valid form
* submitted
*/
$mypic = $_FILES['newupload']['name'];
// Gets the name of the new file uploaded
$temp = $_FILES['newupload']['tmp_name'];
// Gets the temporary name of the new file uploaded
$type = $_FILES['newupload']['type'];
// Gets the type of the new file uploaded
$id = $_REQUEST['id'];
// Gets the User's id
$newname = $_REQUEST['newname'];
// Gets the new name of the User given in the form
$newemail = $_REQUEST['newemail'];
// Gets the new email of the User given in the form
$newpassword = $_REQUEST['newpassword'];
// Gets the new password of the User given in the form
if ($newname && $newemail && $newpassword) {
// If all this values are set and exist
if (preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/', $newemail)) {
// If the email string is within this format:
// some_thing.123@somewhere.com
if (strlen($newpassword) > 4) {
// If the length of the password is more than 4
mysql_connect("localhost", "root", "") or die("problem with connection..."); /*
* Connects to the localhost database with the user root and blank
* password, if it doesn't, stops the execution of the program
* returning "Problems with connection!"
*/
mysql_select_db("testsite");
/*
* After the connection is up, select the database to operate on
*/
mysql_query("UPDATE users SET name='$newname', email='$newemail' WHERE id='$id'");
/*
* Sends a query to the database updating the User's name and email
*/
$md5 = md5($newpassword);
/*
* Encrypts the password
*/
mysql_query("UPDATE users SET password='$md5' WHERE id='$id'");
/*
* Queries the database updating the password as well
*/
if (($type == "image/jpeg") || ($type == "image/jpg") || ($type == "image/bmp")) {
/*
* If the type of the file uploaded is jpeg, jpg or bmp
*/
$dir = "profiles/" . $_SESSION['name'] . "/images";
/*
* Defines $dir with a string of the path to the User's folder
*/
$files = 0;
$handle = opendir($dir);
/*
* Opens the directory given ($dir), that returns a resource
* for that directory ($handle)
*/
while (($file = readdir($handle)) != FALSE) {
/*
* Defines a while cycle, that while there is files/directories to
* read in that directory, it continues, otherwise, readdir
* will return false
*/
if ($file != "." && $file != ".." && $file != "Thumbs.db") {
/*
* If the file/directory isn't any of those
*/
unlink($dir . "/" . $file);
/*
* Deletes the file
*/
$files++;
/*
* Increases $files by one
*/
} // End of if
} // End of while
closedir($handle);
/*
* Closes the resource for the directory ($handle)
*/
sleep(1);
/*
* Delays the execution of the program by one second
*/
rename("profiles/" . $_SESSION['name'] . "", "profiles/$newname");
/*
* Renames the directory to the new User's name
*/
move_uploaded_file($temp, "profiles/$newname/images/$mypic");
/*
* Uploads the new file to the User's folder
*/
echo "You values have been updated succesfully!";
/*
* Warns the user that everything runned smoothly
*/
header("Refresh:2; url=logout.php");
/*
* Redirects after 2 seconds to logout.php Page
*/
} // End of if (File Type)
else {
echo "The picture has to be a jpeg, jpg o bmp file and have less than 10kb!";
}
} // End of if (Password Length)
else {
echo "The password needs to be larger than 4 characters!";
}
} // End of if (Email format)
else {
echo "Please type a valid email!";
}
} // End of if (Valid form)
else {
echo "Please complete the form!";
}
} // End of if (Submit wrong)
else {
echo "Access not allowed!";
}
?>