include "header.php"; ?> include "db.php"; ?> $db = new DB($mysql_host, $mysql_user, $mysql_password, $mysql_db); ?>
$doEdit = true;
$username = "";
if (isset($_REQUEST["username"])) {
$username=$_REQUEST["username"];
}
$password = "";
if (isset($_REQUEST["password"])) {
$password=$_REQUEST["password"];
}
$email = "";
if (isset($_REQUEST["email"])) {
$email=$_REQUEST["email"];
}
$timelimit = "";
if (isset($_REQUEST["timelimit"])) {
$timelimit=$_REQUEST["timelimit"];
}
$mount = "";
if (isset($_REQUEST["mount"])) {
$mount=$_REQUEST["mount"];
}
$confirm = "";
if (isset($_REQUEST["confirm"])) {
$confirm=$_REQUEST["confirm"];
}
if (($username != "") && ($password != "") && ($mount != "")) {
$doEdit = true;
}
else {
$doEdit = false;
}
if (($confirm == "1") && ($doEdit == false)) {
echo "Required field missing
";
}
$displayform = true;
if ($doEdit) {
if ($timelimit == "") {
$timelimit = "-1";
}
$query = sprintf("update ".$table_prefix."users set password = '%s', email = '%s', timeleft = %s where username = '%s' and mountpoint = '%s'",
mysql_real_escape_string($password),
mysql_real_escape_string($email),
mysql_real_escape_string($timelimit),
mysql_real_escape_string($username),
mysql_real_escape_string($mount));
if (mysql_query($query, $db->link)) {
echo "User $username updated
";
$displayform = false;
}
else {
echo "Error updating user $username : ".mysql_error()."
";
$displayform = false;
}
}
?>
if ($displayform) {
?>