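<?php
/**
 * Update customer in the database
 *
 * Admin form handler: reads the posted customer fields, validates them and
 * writes them to the customer record. Every outcome is reported through getout().
 *
 * NOTE(review): no authorisation or anti-CSRF check is visible in this script.
 * Confirm that universal.php rejects unauthenticated sessions and that the
 * submitting form carries a per-session token that is verified before the
 * update; otherwise this state-changing endpoint can be driven cross-site.
 *
 * @version 0.9
 * @author Robert Urquhart <programmer@activatedesign.co.nz>
 * @package WEP-CMS
 */
session_start();
require_once $_SERVER['DOCUMENT_ROOT'].'/admin/scripts-includes/universal.php';
$connID = connect_to_db();

/**
 * get cleaned values, do not set $_SESSION['passback']
 *
 * Absent fields are read as null rather than indexed directly, so a partial
 * or hand-built request does not raise undefined-index notices.
 */
$post = array();
foreach (array('customer_id', 'customer_name', 'email', 'phone', 'address', 'notes', 'shipping', 'discount', 'pwd') as $field) {
    $post[$field] = isset($_POST[$field]) ? $_POST[$field] : null;
}

$n = new user();
$n->user_id           = clean_plain_data($post['customer_id']);
$n->name              = clean_plain_data($post['customer_name']);
$n->email             = clean_plain_data($post['email']);
$n->phone             = clean_plain_data($post['phone']);
$n->address           = clean_plain_data($post['address']);
$n->notes             = clean_plain_data($post['notes']);
$n->shipping_location = clean_plain_data($post['shipping']);
// NOTE(review): the name suggests a validator; presumably it returns the cleaned
// decimal rather than a boolean. Confirm, since the result is stored as the discount.
$n->discount          = is_decimal_data($post['discount']);

// Checkboxes: presence in the request means "ticked".
$n->wholesale  = isset($_POST['wholesale']) ? '1' : '0';
$n->newsletter = isset($_POST['newsletter']) ? '1' : '0';
foreach ($n->interest_list as $name => $label) {
    if (isset($_POST[$name])) {
        $n->interests[] = $name;
    }
}
$n->suspended = isset($_POST['suspended']) ? '1' : '0';

// NOTE(review): running a password through a text sanitiser can silently change
// it, so the stored password may differ from what was typed. Confirm
// clean_plain_data() leaves password characters intact.
$pwd = clean_plain_data($post['pwd']);

/**
 * validate customer_id
 *
 * NOTE(review): this lookup uses select_one() while the email lookup below uses
 * db_select_one(); confirm both helpers exist in universal.php.
 */
if (!is_numeric_id($n->user_id, false)
    || !select_one('users', 'user_id', 'user_id', $n->user_id)
) {
    getout('Invalid customer ID', '../customers.php');
    exit;
}

/**
 * validation
 * @var int $check_id record id associated with supplied email address (or false)
 */
$message = '';

if (!is_email($n->email)) {
    $message .= 'Please check the spelling of the email address.<br />';
} else {
    // The original loaded a comparison record with the never-assigned $user_id
    // and compared $n->user_email, a property this script never sets, so the
    // duplicate-address check could not fire. Compare record ids instead: the
    // address is a conflict only when it belongs to a different customer.
    // Assumes db_select_one() returns the matching user_id or false, as the
    // docblock above describes. TODO confirm.
    $check_id = db_select_one('users', 'user_id', 'email', $n->email);
    if ($check_id && (string) $check_id !== (string) $n->user_id) {
        $message .= 'Sorry, that email address is already associated with an account. Please select another.<br />';
    }
}

// An empty password field means "leave the password unchanged".
// NOTE(review): a 5-character minimum is weak by current guidance; raising it
// would also mean changing the user-facing message below.
if ($pwd != '') {
    if (strlen($pwd) < 5) {
        $message .= 'Please select a longer password (at least 5 characters)<br />';
    }
}

if ($message != '') {
    getout($message);
    exit;
}

/*
 * update record
 *
 * NOTE(review): $pwd is handed over in clear text; confirm user::update() stores
 * it with password_hash() (or equivalent) and uses parameterised queries.
 */
if (!$n->update($pwd)) {
    // The original message contains a line break after the first sentence.
    getout('There was an error updating the customer. ' . "\n" . 'Please try again.');
    exit;
}

/**
 * clean up and exit script
 */
getout('Customer updated successfully');
exit;
?>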