From 1900ba4c22d81553905439064c385af479f32e8f Mon Sep 17 00:00:00 2001 From: mauirixxx Date: Thu, 16 Aug 2018 13:23:54 -1000 Subject: [PATCH] added session userid validation; can now select characters from the header file --- addaccounts.php | 14 +---- header-list-chars.php | 13 +++++ header.php | 11 +++- includes/del-character.php | 3 +- includes/getaccountstats.php | 3 -- includes/set-prefacc.php | 18 ++++--- includes/set-prefchar.php | 8 +-- includes/title-add.php | 10 ++-- includes/title-editor.php | 52 ++++++++++--------- includes/title-select.php | 20 ++++---- includes/title-submit.php | 36 +++++++------ includes/title-update.php | 48 ++++++++--------- includes/titleranks-add.php | 114 +++++++++++++++++++---------------------- includes/titleranks-editor.php | 47 ++++++++--------- includes/titleranks-submit.php | 20 ++++---- includes/update-email.php | 14 ++--- includes/update-password.php | 36 +++++++------ style.css | 14 ++++- titlemanager.php | 12 ++--- 19 files changed, 261 insertions(+), 232 deletions(-) create mode 100644 header-list-chars.php diff --git a/addaccounts.php b/addaccounts.php index a4e7b7b..d3692ca 100644 --- a/addaccounts.php +++ b/addaccounts.php @@ -1,45 +1,35 @@ '; echo ''; echo ''; echo '
Add a new Guild Wars account e-mail or alias

'; - echo '
'; echo ''; $acclist = $con->prepare("SELECT accid, accemail FROM gwaccounts WHERE userid = ?"); @@ -57,7 +47,6 @@ if (isset($_SESSION['userid'])) { } $acclist->close(); echo '
Current Guild Wars accounts
Account namePreferred?Delete ?

'; - // add characters here echo '
'; echo ''; @@ -72,7 +61,6 @@ if (isset($_SESSION['userid'])) { } echo ''; echo '
Add character to account: ' . $_SESSION['prefaccname'] . '

'; - echo '
'; echo ''; $lc = $con->prepare("SELECT charid, accid, charname, profid, profcolor FROM gwchars WHERE accid = ?"); diff --git a/header-list-chars.php b/header-list-chars.php new file mode 100644 index 0000000..54bd98b --- /dev/null +++ b/header-list-chars.php @@ -0,0 +1,13 @@ +prepare("SELECT charid, charname, profid FROM gwchars WHERE accid = ? AND userid = ? ORDER BY charname"); + $cls->bind_param("ii", $_SESSION['prefaccid'], $_SESSION['userid']); + $cls->execute(); + $clsres = $cls->get_result(); + while ($clsrow = $clsres->fetch_assoc()) { + echo ''; + } + $cls->close(); +} +?> \ No newline at end of file diff --git a/header.php b/header.php index 50d5556..d3ed9f1 100644 --- a/header.php +++ b/header.php @@ -26,10 +26,19 @@ if (!$userid){ echo 'GWST'; } echo '
'; + if (!empty($_POST['prefcharid'])) { + //this section contains code to the users preferred character + include_once ('includes/set-prefchar.php'); + } + echo ''; echo '(Home) (Options) '; if ($_SESSION['admin'] == 1){ echo'(Administration) '; } - echo '(Logout ' . $_SESSION['username'] . ')

'; + echo '(Logout ' . $_SESSION['username'] . ') ()

'; } ?> \ No newline at end of file diff --git a/includes/del-character.php b/includes/del-character.php index feb8222..706b93a 100644 --- a/includes/del-character.php +++ b/includes/del-character.php @@ -1,6 +1,5 @@ '; if ($delchar = $con->prepare("DELETE FROM gwchars WHERE charid = ? AND accid = ? AND userid = ?")) { $delchar->bind_param("iii", $delcharid, $delaccid, $_SESSION['userid']); for ($i = 0; $i < count($_POST['delcharid']); $i++) { @@ -10,12 +9,14 @@ if (isset($_SESSION['userid'])) { } $delchar->close(); } + // need to delete associate character stats as well. TODO $nap = $con->prepare("UPDATE userinfo SET prefcharid = 0, prefcharname = 'No default selected' WHERE userid = ?"); $nap->bind_param("i", $_SESSION['userid']); $nap->execute(); $nap->close(); $_SESSION['prefcharid'] = "0"; $_SESSION['prefcharname'] = "No default selected"; + $_SESSION['charprofid'] = "0"; echo 'Character(s) deleted - no preferred character selected.
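Review bot: `$_SESSION['username']` is concatenated unescaped into the logout link on the added `echo '(Logout ' . $_SESSION['username'] . ...` line, so markup characters in a stored username would be emitted as HTML on every page that includes header.php. Unless registration restricts usernames to a safe character set (not visible in this patch), write it as `htmlspecialchars($_SESSION['username'], ENT_QUOTES, 'UTF-8')`. The new `if (!empty($_POST['prefcharid']))` branch also means every page that includes the header accepts a state-changing POST. No request-token check is visible in this hunk, so consider validating one before `include_once ('includes/set-prefchar.php');`. The markup inside these strings is stripped on this page, so confirm the exact output context against the file.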

'; } ?> \ No newline at end of file diff --git a/includes/getaccountstats.php b/includes/getaccountstats.php index af438a7..a6359ae 100644 --- a/includes/getaccountstats.php +++ b/includes/getaccountstats.php @@ -1,7 +1,4 @@
'; echo ''; diff --git a/includes/set-prefacc.php b/includes/set-prefacc.php index 57ffd59..da83f4b 100644 --- a/includes/set-prefacc.php +++ b/includes/set-prefacc.php @@ -1,6 +1,7 @@ prepare("UPDATE userinfo SET prefaccid = 0, prefaccname = 'No default selected' WHERE userid = ?"); $nap->bind_param("i", $_SESSION['userid']); $nap->execute(); @@ -9,6 +10,7 @@ if (isset($_SESSION['userid'])) { $_SESSION['prefaccname'] = "No default selected"; echo 'Account preference update - no preferred account selected.
'; } else { + // $sap = Select AccountID Preferrence $sap = $con->prepare("SELECT accid, accemail FROM gwaccounts WHERE accid = ? AND userid = ?"); $sap->bind_param("ii", $_POST['prefaccid'], $_SESSION['userid']); $sap->execute(); @@ -21,13 +23,15 @@ if (isset($_SESSION['userid'])) { $_SESSION['prefaccid'] = $row['accid']; $_SESSION['prefaccname'] = $row['accemail']; } - $ncp = $con->prepare("UPDATE userinfo SET prefcharid = 0, prefcharname = 'No default selected' WHERE userid = ?"); - $ncp->bind_param("i", $_SESSION['userid']); - $ncp->execute(); - $ncp->close(); - $_SESSION['prefcharid'] = "0"; - $_SESSION['prefcharname'] = "No default selected"; - echo 'Guild Wars preferred account updated!
'; + $sap->close(); } + $ncp = $con->prepare("UPDATE userinfo SET prefcharid = 0, prefcharname = 'No default selected' WHERE userid = ?"); + $ncp->bind_param("i", $_SESSION['userid']); + $ncp->execute(); + $ncp->close(); + $_SESSION['prefcharid'] = "0"; + $_SESSION['prefcharname'] = "No default selected"; + $_SESSION['charprofid'] = "0"; + echo 'Guild Wars preferred account updated!
'; } ?> \ No newline at end of file diff --git a/includes/set-prefchar.php b/includes/set-prefchar.php index fa1b448..8d791cd 100644 --- a/includes/set-prefchar.php +++ b/includes/set-prefchar.php @@ -1,15 +1,17 @@ prepare("UPDATE userinfo SET prefcharid = 0, prefcharname = 'No default selected' WHERE userid = ?"); $ncp->bind_param("i", $_SESSION['userid']); $ncp->execute(); $ncp->close(); $_SESSION['prefcharid'] = "0"; $_SESSION['prefcharname'] = "No default selected"; - echo 'Character preference update - no preferred character selected.
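Review bot: The `echo 'Guild Wars preferred account updated!` line now sits after the if/else in the last hunk, so it prints in the "no preferred account selected" branch too, and also when the `accid = ? AND userid = ?` lookup returns no row for the posted `prefaccid`. A request naming an account the user does not own is therefore reported as a success, and it still resets the preferred character. Consider setting `$updated = true;` where `$row` is consumed, then guarding the message (and, for the not-found case, the reset) with `if ($updated) { ... }`. The condition line of the first hunk is not fully visible on this page, so the branch structure is inferred from the braces and comments that are.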
'; + $_SESSION['charprofid'] = "0"; } else { - $scp = $con->prepare("SELECT charid, charname FROM gwchars WHERE charid = ? AND accid = ? AND userid = ?"); + // $scp = Selected CharID Preferrence + $scp = $con->prepare("SELECT charid, charname, profid FROM gwchars WHERE charid = ? AND accid = ? AND userid = ?"); $scp->bind_param("iii", $_POST['prefcharid'], $_SESSION['prefaccid'], $_SESSION['userid']); $scp->execute(); $result = $scp->get_result(); @@ -20,8 +22,8 @@ if (isset($_SESSION['userid'])) { $uap->close(); $_SESSION['prefcharid'] = $row['charid']; $_SESSION['prefcharname'] = $row['charname']; + $_SESSION['charprofid'] = $row['profid']; } - echo 'Guild Wars preferred character updated!
'; } } ?> \ No newline at end of file diff --git a/includes/title-add.php b/includes/title-add.php index 16f31ab..6cc4b71 100644 --- a/includes/title-add.php +++ b/includes/title-add.php @@ -1,6 +1,8 @@
Available characters
charidaccidcharnamePreferredDelete?
Account wide stats
TitleTitle RankTitle PointsCurrent RankPoints RemainingMax Title %Next Rank
'; -echo ''; -echo ''; -echo '
Title NameTitle TypeMax Rank
Account
Character

'; +if (isset($_SESSION['userid'])) { + echo '
'; + echo ''; + echo ''; + echo '
Title NameTitle TypeMax Rank
Account
Character

'; +} ?> \ No newline at end of file diff --git a/includes/title-editor.php b/includes/title-editor.php index 86c3466..de4fca7 100644 --- a/includes/title-editor.php +++ b/includes/title-editor.php @@ -1,29 +1,31 @@ '; -echo ''; -$stmtview = $con->prepare("SELECT * FROM gwtitles WHERE titlenameid = ?"); -$stmtview->bind_param("i", $_POST['tid']); -$stmtview->execute(); -$result = $stmtview->get_result(); -while ($row = $result->fetch_assoc()) { - $tid = $row['titlenameid']; - $tname = $row['titlename']; - $ttype = $row['titletype']; - $tmr = $row['titlemaxrank']; - echo '
titlenameidtitlenametitletypetitlemaxrank
'; - echo ''; + echo ''; + $stmtview = $con->prepare("SELECT * FROM gwtitles WHERE titlenameid = ?"); + $stmtview->bind_param("i", $_POST['tid']); + $stmtview->execute(); + $result = $stmtview->get_result(); + while ($row = $result->fetch_assoc()) { + $tid = $row['titlenameid']; + $tname = $row['titlename']; + $ttype = $row['titletype']; + $tmr = $row['titlemaxrank']; + echo ''; } - echo 'value="0">Account
'; - echo 'Character'; + $stmtview->close(); + echo '
titlenameidtitlenametitletypetitlemaxrank
'; + echo 'Account
'; + echo 'Character
Delete title?


'; + echo '
'; + echo 'Return to title manager'; } -$stmtview->close(); -echo '
Delete title?


'; -echo '
'; -echo 'Return to title manager'; ?> \ No newline at end of file diff --git a/includes/title-select.php b/includes/title-select.php index 544cb4f..d159ded 100644 --- a/includes/title-select.php +++ b/includes/title-select.php @@ -1,12 +1,14 @@ prepare("SELECT * FROM gwtitles ORDER BY titlename"); -$stmtview->execute(); -$result = $stmtview->get_result(); -while ($row = $result->fetch_assoc()) { - $tid = $row['titlenameid']; - $tname = $row['titlename']; - $tnr = $row['titlemaxrank']; - echo ''; +if (isset($_SESSION['userid'])) { + $stmtview = $con->prepare("SELECT * FROM gwtitles ORDER BY titlename"); + $stmtview->execute(); + $result = $stmtview->get_result(); + while ($row = $result->fetch_assoc()) { + $tid = $row['titlenameid']; + $tname = $row['titlename']; + $tnr = $row['titlemaxrank']; + echo ''; + } + $stmtview->close(); } -$stmtview->close(); ?> \ No newline at end of file diff --git a/includes/title-submit.php b/includes/title-submit.php index 7284c43..0ad33f9 100644 --- a/includes/title-submit.php +++ b/includes/title-submit.php @@ -1,20 +1,22 @@ prepare("INSERT INTO gwtitles (titlename, titletype, titlemaxrank) VALUES (?, ?, ?)"); -$stmtins->bind_param("sii", $_POST['titlename'], $_POST['titletype'], $_POST['titlemaxrank']); -$stmtins->execute(); -$stmtins->close(); -echo 'New title added!

'; -$stmtview = $con->prepare("SELECT * FROM gwtitles ORDER BY titlenameid DESC LIMIT 1"); -$stmtview->execute(); -$result = $stmtview->get_result(); -while ($row = $result->fetch_assoc()) { - $tid = $row['titlenameid']; - $tname = $row['titlename']; - $ttype = $row['titletype']; - $tmr = $row['titlemaxrank']; - echo ''; - echo '
titleidtitlenametitletypetitlemaxrank
' . $tid . '' . $tname . '' . $ttype . '' . $tmr . '

'; +if (isset($_SESSION['userid'])) { + $stmtins = $con->prepare("INSERT INTO gwtitles (titlename, titletype, titlemaxrank) VALUES (?, ?, ?)"); + $stmtins->bind_param("sii", $_POST['titlename'], $_POST['titletype'], $_POST['titlemaxrank']); + $stmtins->execute(); + $stmtins->close(); + echo 'New title added!

'; + $stmtview = $con->prepare("SELECT * FROM gwtitles ORDER BY titlenameid DESC LIMIT 1"); + $stmtview->execute(); + $result = $stmtview->get_result(); + while ($row = $result->fetch_assoc()) { + $tid = $row['titlenameid']; + $tname = $row['titlename']; + $ttype = $row['titletype']; + $tmr = $row['titlemaxrank']; + echo ''; + echo '
titleidtitlenametitletypetitlemaxrank
' . $tid . '' . $tname . '' . $ttype . '' . $tmr . '

'; + } + $stmtview->close(); + echo 'Return to title manager'; } -$stmtview->close(); -echo 'Return to title manager'; ?> \ No newline at end of file diff --git a/includes/title-update.php b/includes/title-update.php index 17e85a1..8b8c6c5 100644 --- a/includes/title-update.php +++ b/includes/title-update.php @@ -1,28 +1,30 @@ Please check the box to verify you want to delete: ' . $_POST['titlename'] . ' '; - echo '
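Review bot: The new guard `if (isset($_SESSION['userid']))` only establishes a logged-in session, while this include inserts into the shared `gwtitles` table from `$_POST`. titlemanager.php gates on `$_SESSION['admin'] == 1` (visible in its hunk), but that check does not travel with this file if it is ever included from another page. I would make the guard `if (isset($_SESSION['userid']) && $_SESSION['admin'] == 1) {`. The same applies to the write paths in includes/title-update.php and includes/titleranks-submit.php. Separately, reading the new row back with `ORDER BY titlenameid DESC LIMIT 1` can return a concurrent insert; assuming `$con` is a mysqli connection, as the `bind_param` calls suggest, `$con->insert_id` identifies the row just written.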

'; - } else if ($_POST['deltitle'] == "iamsure") { - // this section actually deletes the title - $stmtdel = $con->prepare("DELETE FROM gwtitles WHERE titlenameid = ?"); - $stmtdel->bind_param("i", $_POST['titlenameid']); - $stmtdel->execute(); - $stmtdelst = $con->prepare("DELETE FROM gwsubtitles WHERE titlenameid = ?"); - $stmtdelst->bind_param("i", $_POST['titlenameid']); - $stmtdelst->execute(); - $stmtdel->close(); - echo 'The title and associated title ranks have been deleted, redirecting!'; +if (isset($_SESSION['userid'])) { + if (isset($_POST['deltitle'])) { + if ($_POST['deltitle'] == "yes") { + // this title makes you verify that you want to delete this title + echo '
Please check the box to verify you want to delete: ' . $_POST['titlename'] . ' '; + echo '


'; + } else if ($_POST['deltitle'] == "iamsure") { + // this section actually deletes the title + $stmtdel = $con->prepare("DELETE FROM gwtitles WHERE titlenameid = ?"); + $stmtdel->bind_param("i", $_POST['titlenameid']); + $stmtdel->execute(); + $stmtdelst = $con->prepare("DELETE FROM gwsubtitles WHERE titlenameid = ?"); + $stmtdelst->bind_param("i", $_POST['titlenameid']); + $stmtdelst->execute(); + $stmtdel->close(); + echo 'The title and associated title ranks have been deleted, redirecting!'; + header ("Refresh:1; url=titlemanager.php"); + } + } else { + // this section updates the title name + $stmtupd = $con->prepare("UPDATE gwtitles SET titlename = ?, titletype = ?, titlemaxrank = ? WHERE titlenameid = ?"); + $stmtupd->bind_param("siii", $_POST['titlename'], $_POST['titletype'], $_POST['titlemaxrank'], $_POST['titlenameid']); + $stmtupd->execute(); + $stmtupd->close(); + echo 'Title updated, redirecting!'; header ("Refresh:1; url=titlemanager.php"); } -} else { - // this section updates the title name - $stmtupd = $con->prepare("UPDATE gwtitles SET titlename = ?, titletype = ?, titlemaxrank = ? WHERE titlenameid = ?"); - $stmtupd->bind_param("siii", $_POST['titlename'], $_POST['titletype'], $_POST['titlemaxrank'], $_POST['titlenameid']); - $stmtupd->execute(); - $stmtupd->close(); - echo 'Title updated, redirecting!'; - header ("Refresh:1; url=titlemanager.php"); } ?> \ No newline at end of file diff --git a/includes/titleranks-add.php b/includes/titleranks-add.php index 74b2e56..0559e33 100644 --- a/includes/titleranks-add.php +++ b/includes/titleranks-add.php 
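Review bot: `$_POST['titlename']` is echoed unescaped in the delete-confirmation prompt (`... you want to delete: ' . $_POST['titlename'] . ' '`), so request data is reflected into the page as HTML. Escape it at output with `htmlspecialchars($_POST['titlename'], ENT_QUOTES, 'UTF-8')`. The database values echoed in includes/title-submit.php (`$tname`) and includes/titleranks-add.php (`$gwtn`, `$stname`) deserve the same treatment, since they originate from the title forms. Both the delete and the update act on a posted `titlenameid` with no request token visible here, so a CSRF token check before the `DELETE` and `UPDATE` statements is worth adding.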
@@ -1,67 +1,59 @@ prepare("SELECT MAX(strank) FROM gwsubtitles WHERE titlenameid = ?"); - $trank->bind_param("i", $_POST['tid']); - $trank->execute(); - $trank->store_result(); - $trank->bind_result($gwstmr); - while ($trank->fetch()) { - if (is_null($gwstmr)) { - $tr = 1; +if (isset($_SESSION['userid'])) { + unset($_SESSION['title']); + if (isset($_SESSION['tid'])) { + $_POST['tid'] = $_SESSION['tid']; + } + if (isset($_SESSION['tr'])) { + $tr = $_SESSION['tr'] + 1; + } else { + $trank = $con->prepare("SELECT MAX(strank) FROM gwsubtitles WHERE titlenameid = ?"); + $trank->bind_param("i", $_POST['tid']); + $trank->execute(); + $trank->store_result(); + $trank->bind_result($gwstmr); + while ($trank->fetch()) { + if (is_null($gwstmr)) { + $tr = 1; + } else { + $tr = $gwstmr + 1; + } + } + } + $stmtname = $con->prepare("SELECT titlename, titlemaxrank FROM gwtitles WHERE titlenameid = ?"); + $stmtname->bind_param("i", $_POST['tid']); + $stmtname->execute(); + $stmtname->store_result(); + $stmtname->bind_result($gwtn, $gwtmr); + while ($stmtname->fetch()) { + echo 'Adding rank to title ' . $gwtn . '
The maximum rank achievable in game is ' . $gwtmr . '
'; + if ($tr > $gwtmr) { + echo '
No more ranks can be added!

'; } else { - $tr = $gwstmr + 1; + echo '
'; + echo ''; + echo '
Title Rank NameTitle PointsRank Level


'; } } + $stmtname->free_result(); + $stmtname->close(); + echo 'Here are the currently associated title ranks, starting with rank 1:
'; + echo '
'; + $stmtview = $con->prepare("SELECT * FROM gwsubtitles WHERE titlenameid = ? ORDER BY strank ASC"); + $stmtview->bind_param("i", $_POST['tid']); + $stmtview->execute(); + $result = $stmtview->get_result(); + while ($row = $result->fetch_assoc()) { + $stnid = $row['stnameid']; + $tnid = $row['titlenameid']; + $stname = $row['stname']; + $stpoints = $row['stpoints']; + $strank = $row['strank']; + echo ''; + } + $stmtview->close(); + $_SESSION['tid'] = $_POST['tid']; + echo '
stnameidtitlenameidstnamestpointsstrankEdit
' . $stnid . '' . $tnid . '' . $stname . '' . number_format($stpoints) . '' . $strank . '


If anything looks off, please fix it!

'; + echo 'Return to title manager'; } - -$stmtname = $con->prepare("SELECT titlename, titlemaxrank FROM gwtitles WHERE titlenameid = ?"); -$stmtname->bind_param("i", $_POST['tid']); -$stmtname->execute(); -$stmtname->store_result(); -$stmtname->bind_result($gwtn, $gwtmr); -while ($stmtname->fetch()) { - echo 'Adding rank to title ' . $gwtn . '
The maximum rank achievable in game is ' . $gwtmr . '
'; - if ($tr > $gwtmr) { - echo '
No more ranks can be added!

'; - } else { - echo '
'; - echo ''; - echo '
Title Rank NameTitle PointsRank Level


'; - } -} -$stmtname->free_result(); -$stmtname->close(); - -echo 'Here are the currently associated title ranks, starting with rank 1:
'; -echo '
'; -$stmtview = $con->prepare("SELECT * FROM gwsubtitles WHERE titlenameid = ? ORDER BY strank ASC"); -$stmtview->bind_param("i", $_POST['tid']); -$stmtview->execute(); -$result = $stmtview->get_result(); -while ($row = $result->fetch_assoc()) { - $stnid = $row['stnameid']; - $tnid = $row['titlenameid']; - $stname = $row['stname']; - $stpoints = $row['stpoints']; - $strank = $row['strank']; - echo ''; -} -$stmtview->close(); -$_SESSION['tid'] = $_POST['tid']; -echo '
stnameidtitlenameidstnamestpointsstrankEdit
' . $stnid . '' . $tnid . '' . $stname . '' . number_format($stpoints) . '' . $strank . '


If anything looks off, please fix it!

'; -echo 'Return to title manager'; ?> \ No newline at end of file diff --git a/includes/titleranks-editor.php b/includes/titleranks-editor.php index 2af48d2..60846df 100644 --- a/includes/titleranks-editor.php +++ b/includes/titleranks-editor.php @@ -1,30 +1,25 @@ '; - echo ''; - $ph = implode(",", $_POST['editstitle']); - $sredit = $con->prepare("SELECT * FROM gwsubtitles WHERE titlenameid = ? AND stnameid IN ($ph)"); - $sredit->bind_param("i", $_SESSION['tid']); - $sredit->execute(); - $result = $sredit->get_result(); - while ($row = $result->fetch_assoc()) { - echo ''; - echo ''; - echo ''; +if (isset($_SESSION['userid'])) { + if (isset($_POST['editstitle'])) { + echo '
Deleting takes precedence over edits - edits will have to be remade after submission
stnameidtitlenameidstnamestpointsstrankDelete?
'; + echo ''; + $ph = implode(",", $_POST['editstitle']); + $sredit = $con->prepare("SELECT * FROM gwsubtitles WHERE titlenameid = ? AND stnameid IN ($ph)"); + $sredit->bind_param("i", $_SESSION['tid']); + $sredit->execute(); + $result = $sredit->get_result(); + while ($row = $result->fetch_assoc()) { + echo ''; + echo ''; + echo ''; + } + $sredit->close(); + echo '
Deleting takes precedence over edits - edits will have to be remade after submission
stnameidtitlenameidstnamestpointsstrankDelete?

'; + echo '

'; + echo 'Return to title manager'; + } else { + echo 'No title ranks selected! Please press the back button on your browser to return to the previous page.

'; + echo 'Return to title manager'; } - $sredit->close(); - echo '
'; - echo '

'; - echo 'Return to title manager'; -} else { - echo 'No title ranks selected! Please press the back button on your browser to return to the previous page.

'; - echo 'Return to title manager'; } ?> \ No newline at end of file diff --git a/includes/titleranks-submit.php b/includes/titleranks-submit.php index 8bb44c9..14e2317 100644 --- a/includes/titleranks-submit.php +++ b/includes/titleranks-submit.php @@ -1,11 +1,13 @@ prepare("INSERT INTO gwsubtitles (titlenameid, stname, stpoints, strank) VALUES (?, ?, ?, ?)"); -$stmtstins->bind_param("isii", $_POST['titlenameid'], $_POST['titlerankname'], $_POST['titlepoints'], $_POST['titlerank']); -$stmtstins->execute(); -$stmtstins->close(); -$_SESSION['title'] = "repeat"; -$_SESSION['tid'] = $_POST['titlenameid']; -$_SESSION['tr'] = $_POST['titlerank']; -echo 'Title rank added, redirecting!'; -header ("Refresh:1; url=titlemanager.php"); +if (isset($_SESSION['userid'])) { + $stmtstins = $con->prepare("INSERT INTO gwsubtitles (titlenameid, stname, stpoints, strank) VALUES (?, ?, ?, ?)"); + $stmtstins->bind_param("isii", $_POST['titlenameid'], $_POST['titlerankname'], $_POST['titlepoints'], $_POST['titlerank']); + $stmtstins->execute(); + $stmtstins->close(); + $_SESSION['title'] = "repeat"; + $_SESSION['tid'] = $_POST['titlenameid']; + $_SESSION['tr'] = $_POST['titlerank']; + echo 'Title rank added, redirecting!'; + header ("Refresh:1; url=titlemanager.php"); +} ?> \ No newline at end of file diff --git a/includes/update-email.php b/includes/update-email.php index b3089ba..2a2ad27 100644 --- a/includes/update-email.php +++ b/includes/update-email.php @@ -1,8 +1,10 @@ prepare("UPDATE userinfo SET usermail = ? WHERE userid = ?"); -$updmail->bind_param("si", $_POST['useremail'], $_SESSION['userid']); -$updmail->execute(); -$_SESSION['usermail'] = $_POST['useremail']; -echo 'E-mail address updated.
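Review bot: `$ph = implode(",", $_POST['editstitle']);` is interpolated into the SQL text of `prepare("... AND stnameid IN ($ph)")`, so the posted array values become part of the statement and bypass the parameter binding used for `titlenameid`. The commit only re-indents this line, but it is on the new side and the added session check does not address it. The smallest fix is to force integers before joining: `$ph = implode(",", array_map('intval', (array) $_POST['editstitle']));`. Generating one `?` placeholder per id and binding them would keep the query fully parameterised.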
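Review bot: `header ("Refresh:1; url=titlemanager.php");` is called after `echo 'Title rank added, redirecting!';`, and header.php has presumably produced output before this include runs. Unless output buffering is enabled, the header cannot be sent and PHP raises a "headers already sent" warning instead of redirecting. Send the header before any output or buffer the page; includes/title-update.php has the same echo-then-header order. `$_SESSION['tr'] = $_POST['titlerank'];` also stores the raw POST string that includes/titleranks-add.php later uses in `$_SESSION['tr'] + 1`, so `$_SESSION['tr'] = (int) $_POST['titlerank'];` keeps a non-numeric value out of that arithmetic.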
'; +if (isset($_SESSION['userid'])) { + include_once ('verifications.php'); + $updmail = $con->prepare("UPDATE userinfo SET usermail = ? WHERE userid = ?"); + $updmail->bind_param("si", $_POST['useremail'], $_SESSION['userid']); + $updmail->execute(); + $_SESSION['usermail'] = $_POST['useremail']; + echo 'E-mail address updated.
'; +} ?> \ No newline at end of file diff --git a/includes/update-password.php b/includes/update-password.php index 4ced42b..d15a46f 100644 --- a/includes/update-password.php +++ b/includes/update-password.php @@ -1,21 +1,23 @@ prepare("SELECT userpass FROM userinfo WHERE userid = ?"); -$verifypass->bind_param("i", $_SESSION['userid']); -$verifypass->execute(); -$result = $verifypass->get_result(); -while ($row = $result->fetch_assoc()) { - $vp = password_verify ($_POST['oldpass'],$row['userpass']); - if ($vp) { - $hp = password_hash($_POST['userpass1'], PASSWORD_DEFAULT); - echo 'Verified old password, updating to new password!
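Review bot: `$_POST['useremail']` goes into the `UPDATE` and into `$_SESSION['usermail']` with no validation visible in this hunk, and the success message is echoed without checking the result of `$updmail->execute()`. verifications.php is not part of this patch, so it may already validate the address; if it does not, reject the request when `filter_var($_POST['useremail'], FILTER_VALIDATE_EMAIL) === false` before the prepare. Because an e-mail address is typically a recovery channel, requiring the current password for this change, as includes/update-password.php does with `password_verify`, would limit what a hijacked session can do. `$updmail->close();` is also missing from the visible lines.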
'; - $updpass = $con->prepare("UPDATE userinfo SET userpass = ? WHERE userid = ?"); - $updpass->bind_param("si", $hp, $_SESSION['userid']); - $updpass->execute(); - echo 'Password updated!
'; - $updpass->close(); - } else { - echo 'Old password doesn\'t match, password is NOT updated!
'; +if (isset($_SESSION['userid'])) { + include_once ('verifications.php'); + $verifypass = $con->prepare("SELECT userpass FROM userinfo WHERE userid = ?"); + $verifypass->bind_param("i", $_SESSION['userid']); + $verifypass->execute(); + $result = $verifypass->get_result(); + while ($row = $result->fetch_assoc()) { + $vp = password_verify ($_POST['oldpass'],$row['userpass']); + if ($vp) { + $hp = password_hash($_POST['userpass1'], PASSWORD_DEFAULT); + echo 'Verified old password, updating to new password!
'; + $updpass = $con->prepare("UPDATE userinfo SET userpass = ? WHERE userid = ?"); + $updpass->bind_param("si", $hp, $_SESSION['userid']); + $updpass->execute(); + echo 'Password updated!
'; + $updpass->close(); + } else { + echo 'Old password doesn\'t match, password is NOT updated!
'; + } } } ?> \ No newline at end of file diff --git a/style.css b/style.css index e6babb0..07e5490 100644 --- a/style.css +++ b/style.css @@ -68,4 +68,16 @@ submitLink:focus { } .percentbar { background:#CCCCCC; border:1px solid #666666; height:10px; } -.percentbar div { background: #28B8C0; height: 10px; } \ No newline at end of file +.percentbar div { background: #28B8C0; height: 10px; } + +select *.profession-0 { background-color: #FFF; } +select *.profession-1 { background-color: #FF8; } +select *.profession-2 { background-color: #CF9; } +select *.profession-3 { background-color: #ACF; } +select *.profession-4 { background-color: #9FC; } +select *.profession-5 { background-color: #DAF; } +select *.profession-6 { background-color: #FBB; } +select *.profession-7 { background-color: #FCE; } +select *.profession-8 { background-color: #BFF; } +select *.profession-9 { background-color: #FC9; } +select *.profession-10 { background-color: #DDF; } diff --git a/titlemanager.php b/titlemanager.php index a21ee55..7a6e8ce 100644 --- a/titlemanager.php +++ b/titlemanager.php @@ -4,13 +4,13 @@ include_once ('header.php'); if (isset($_SESSION['userid'])){ if (isset($_SESSION['title'])) { if ($_SESSION['title'] == "repeat") { - $_POST['title'] = "addsubtitle"; - unset($_SESSION['title']); - } else { - unset($_SESSION['tr']); - } + $_POST['title'] = "addsubtitle"; + unset($_SESSION['title']); + } else { + unset($_SESSION['tr']); } - if ($_SESSION['admin'] == 1) { + } + if ($_SESSION['admin'] == 1) { echo '
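Review bot: After a successful `UPDATE userinfo SET userpass = ?` the session continues with the same identifier; calling `session_regenerate_id(true);` right after `$updpass->execute();` would rotate it on a credential change. 'Password updated!' is echoed without checking the return value of `execute()`, so a failed write is reported as success. No comparison of `$_POST['userpass1']` against a confirmation field and no minimum-length check are visible here; either may live in verifications.php, which this patch does not show. `$verifypass` is never closed in the visible lines.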
'; if (isset($_POST['title'])) { if ($_POST['title'] == "addtitle") {