B2jVZVKE

· 8 years ago · Dec 04, 2017, 03:20 PM
1<?php
2//This file cannot be viewed, it must be included
3defined('IN_EZRPG') or exit;
4
5/*
6  Class: Module_AccountSettings
7  Lets the user change their password.
8*/
9class Module_AccountSettings extends Base_Module
10{
11    /*
12      Function: start
13      Begins the account settings page/
14    */
15    public function start()
16    {
17        //Require login
18        requireLogin();
19
20        if (isset($_POST['change_password']))
21        {
22            $this->changePassword();
23        }
24        else if (isset($_POST['change_profile']))
25        {
26            $this->changeProfile();
27        }
28        else
29        {
30            $this->tpl->display('account_settings.tpl');
31        }
32    }
33
34    private function changePassword()
35    {
36        $msg = '';
37        if (empty($_POST['current_password']) || empty($_POST['new_password']) || empty($_POST['new_password2']))
38        {
39            $msg = 'You forgot to fill in something!';
40        }
41        else
42        {
43            $check = sha1($this->player->secret_key . $_POST['current_password'] . SECRET_KEY);
44            if ($check != $this->player->password)
45            {
46                $msg = 'The password you entered does not match this account\'s password.';
47            }
48            else if (!isPassword($_POST['new_password']))
49            {
50                $msg = 'Your password must be longer than 3 characters!';
51            }
52            else if ($_POST['new_password'] != $_POST['new_password2'])
53            {
54                $msg = 'You didn\'t confirm your new password correctly!';
55            }
56            else
57            {
58                $new_password = sha1($this->player->secret_key . $_POST['new_password2'] . SECRET_KEY);
59                $this->db->execute('UPDATE `<ezrpg>players` SET `password`=? WHERE `id`=?', array($new_password, $this->player->id));
60                $msg = 'You have changed your password.';
61            }
62        }
63        
64        header('Location: index.php?mod=AccountSettings&msg=' . urlencode($msg));
65    }
66    
67    private function changeProfile()
68    {
69            $msg = '';
70        if (empty($_POST['name']) || empty($_POST['quote']) || empty($_POST['age']) || empty($_POST['msn']) || empty($_POST['aim']) || empty($_POST['aol']) || empty($_POST['yahoo']) || empty($_POST['color']))
71        {
72            $msg = 'You forgot to fill in something!';
73        }
74        else
75        {
76            $this->db->execute('UPDATE `<ezrpg>players` SET `name`=?, `quote`=?, `age`=?, `msn`=?, `aim`=?, `aol`=?, `yahoo`=?, `color`=?, WHERE `id`=?', array($_POST['name'], $_POST['quote'], $_POST['age'], $_POST['msn'], $_POST['aim'], $_POST['aol'], $_POST['yahoo'], $_POST['color'], $this->player->id));
77            $msg = 'You have changed your details.';
78        }
79        header('Location: index.php?mod=AccountSettings&msg=' . urlencode($msg));
80    }
81}
82?>