_set_contact.php
<?php
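/*
 * Changes the contact details (e-mail, address, phone) of the logged-in account.
 *
 * Flow: require a logged-in session, reject an empty or already used e-mail,
 * re-check the current password, then update the account row in the table
 * selected by the session role (role 1 -> ctenar, anything else -> zamestnanec).
 *
 * Redirects: msg=106 after a successful update, msg=99 when a database call
 * fails, and msg=20/21/22 (error code + 19) for an empty e-mail, an e-mail
 * already in use, and a wrong password.
 */
session_start();
include 'mysql.php';

// Without a logged-in session there is no account to act on. The original
// ran the queries with an empty id; stop here instead.
if (!isset($_SESSION["logged"])) {
    header("Location: index.php");
    exit;
}

// Validation result: 0 = ok, 1 = empty e-mail, 2 = e-mail in use, 3 = wrong password.
$error = 0;
// Set when a prepare/execute call fails, so the request is refused (msg=99)
// rather than treated as "check passed".
$db_fail = false;

// The id is bound as a statement parameter everywhere below, never
// concatenated into SQL.
$u_id = (string) $_SESSION["logged"];

// The table name is chosen from two fixed literals, so interpolating it
// into the SQL text is safe.
$tabulka = (isset($_SESSION["role"]) && $_SESSION["role"] == 1) ? "ctenar" : "zamestnanec";

// Form fields: a missing or non-string value (e.g. email[]=x) becomes "".
$pole = [];
foreach (["email", "adresa", "telefon", "heslo"] as $klic) {
    $pole[$klic] = (isset($_POST[$klic]) && is_string($_POST[$klic])) ? $_POST[$klic] : "";
}
// These three are passed as bound parameters, so they stay unescaped; that
// also lets the duplicate check compare the value exactly as it is stored.
$email = $pole["email"];
$adresa = $pole["adresa"];
$telefon = $pole["telefon"];
// NOTE(review): the password is still SQL-escaped before hashing, as in the
// original, because stored hashes were presumably produced the same way.
// Confirm against the registration/login code before removing this.
$heslo = mysqli_real_escape_string($db, $pole["heslo"]);

// An e-mail address is mandatory.
if (strlen($email) == 0) {
    $error = 1;
}

// The e-mail must not be used by another account in either table.
// NOTE(review): the same id is excluded from both tables, as before; if ids
// are not unique across zamestnanec and ctenar, a row of the other table
// with this id is skipped by the check.
if ($error == 0) {
    foreach (["zamestnanec", "ctenar"] as $tab) {
        $stmt = mysqli_prepare($db, "SELECT email FROM $tab WHERE id <> ?");
        if (!$stmt) {
            $db_fail = true;
            break;
        }
        if (!mysqli_stmt_bind_param($stmt, "s", $u_id) || !mysqli_stmt_execute($stmt)) {
            mysqli_stmt_close($stmt);
            $db_fail = true;
            break;
        }
        mysqli_stmt_bind_result($stmt, $jiny_email);
        while (mysqli_stmt_fetch($stmt)) {
            if (strcasecmp($email, (string) $jiny_email) == 0) {
                $error = 2;
                break;
            }
        }
        mysqli_stmt_close($stmt);
        if ($error != 0) {
            break;
        }
    }
}

// Re-check the current password before changing anything.
// NOTE(review): passwords are compared as plain unsalted SHA-512 digests.
// Moving to password_hash()/password_verify() needs matching changes in
// registration and login, so it is not done in this script.
if ($error == 0 && !$db_fail) {
    $overeno = false; // stays false unless a stored hash was found and matches
    $stmt = mysqli_prepare($db, "SELECT heslo FROM $tabulka WHERE id = ?");
    if (!$stmt) {
        $db_fail = true;
    } elseif (!mysqli_stmt_bind_param($stmt, "s", $u_id) || !mysqli_stmt_execute($stmt)) {
        mysqli_stmt_close($stmt);
        $db_fail = true;
    } else {
        mysqli_stmt_bind_result($stmt, $ulozene_heslo);
        while (mysqli_stmt_fetch($stmt)) {
            // hash_equals() is a strict, constant-time comparison; the
            // previous != compared the two hex strings loosely.
            $overeno = hash_equals((string) $ulozene_heslo, hash("sha512", $heslo));
            if (!$overeno) {
                break;
            }
        }
        mysqli_stmt_close($stmt);
        // A missing account row counts as a failed check. The original
        // left $error at 0 when the query returned nothing.
        if (!$overeno) {
            $error = 3;
        }
    }
}

if ($db_fail) {
    header("Location: index.php?pg=ucet&msg=99");
    exit;
}

// Update the account row, or report the validation error.
if ($error == 0) {
    $ok = false;
    $stmt = mysqli_prepare($db, "UPDATE $tabulka SET email = ?, adresa = ?, telefon = ? WHERE id = ?");
    if ($stmt) {
        $ok = mysqli_stmt_bind_param($stmt, "ssss", $email, $adresa, $telefon, $u_id)
            && mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }
    if ($ok) {
        header("Location: index.php?pg=ucet&msg=106");
    } else {
        header("Location: index.php?pg=ucet&msg=99");
    }
} else {
    // Validation errors 1..3 are shifted to message codes 20..22.
    $error += 19;
    header("Location: index.php?pg=set&what=2&msg=" . $error);
}
exit;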
?>