From be8e64ca785c9281d09b42aeaa917e8a1673af42 Mon Sep 17 00:00:00 2001
From: cflem <carson.fl3ming@gmail.com>
Date: Sun, 1 Jan 2017 19:46:20 -0700
Subject: Moved ad displaying to dash_functions.php; finished settings.php

---
 dash/settings.php | 71 +++++++++++++++++++++++++++++++------------------------
 1 file changed, 40 insertions(+), 31 deletions(-)

(limited to 'dash/settings.php')

diff --git a/dash/settings.php b/dash/settings.php
index 5dc2e3d..9a7179a 100644
--- a/dash/settings.php
+++ b/dash/settings.php
@@ -2,16 +2,25 @@
 define('HEIRARCHY', 1);
 
 require('dash_common.php');
+global $b_config, $b_user;
 $title = 'Account Settings / Bulletin';
 require('header.php');
-if (!empty($_POST['changepass'])) {
+if (!empty($_POST['oldpass'])) {
   if ($b_user['password'] != hash('sha512', $_POST['oldpass'])) dash_fatal('The password you entered does not match your current password.');
-  if ($_POST['newpass1'] != $_POST['newpass2']) dash_fatal('Your new passwords do not match.');
-  $db->query('UPDATE users SET password = \''.hash('sha512', $_POST['newpass1']).'\' WHERE id = '.$b_user['id']) or dash_fatal($db->error);
-  if ($db->affected_rows < 1) dash_fatal('No user with your ID is in the database');
-  dash_fatal('Password changed successfully.');
-} else if (!empty($_POST['changetype'])) {
-  if ($b_user['password'] != hash('sha512', $_POST['curpass'])) dash_fatal('The password you entered does not match your current password.');
+  if (!empty($_POST['newpass1'])) {
+    if ($_POST['newpass1'] != $_POST['newpass2']) dash_fatal('Your new passwords do not match.');
+    $db->query('UPDATE users SET password = \''.hash('sha512', $_POST['newpass1']).'\' WHERE id = '.$b_user['id']) or dash_fatal($db->error);
+    if ($db->affected_rows < 1) dash_fatal('Your password could not be changed.');
+  }
+
+  $type = $b_user['type'];
+  if ($_POST['newtype'] == 0) $type = 'EMPLOYEE';
+  else if ($_POST['newtype'] == 1) $type = 'EMPLOYER';
+  if ($type != $b_user['type']) {
+    $db->query('UPDATE users SET type = \''.$type.'\' WHERE id = '.$b_user['id']) or dash_fatal($db->error);
+    if ($db->affected_rows < 1) dash_fatal('Your account type could not be changed.');
+  }
+  dash_fatal('Account settings successfully updated.');
 }
 ?>
       <div id="fulljob" class="fjsettings">
@@ -19,31 +28,31 @@ if (!empty($_POST['changepass'])) {
           <h3 id="fjhtitle">Account Settings</h3>
           <p id="fjhdesc">Adjusting for <?=htmlentities($b_user['email']);?></p>
         </div>
-        <div id="fjbody">
-          <h4>Current Password</h4>
-          <p>Your current password is needed to change your account settings.</p>
-          <p><input id="inpoldpass" type="password" name="oldpass" placeholder="Current password" /></p>
-        </div>
-        <div id="fjfooter">
-          <form action="/dash/settings.php" method="post">
-            <h4>Change Password</h4>
-            <p><input id="inpnp1" type="password" name="newpass1" placeholder="New password" /></p>
-            <p><input id="inpnp2" type="password" name="newpass2" placeholder="Confirm new password" /></p>
-            <p><input id="inpcp" type="submit" name="changepass" value="Change Password" /></p>
-          </form>
-          <form action="/dash/settings.php" method="post">
-            <h4>Change Account Type</h4>
-            <p>
-              <select id="inpnt" name="newtype">
-                <option<?php if ($b_user['type'] == 'EMPLOYEE') echo ' selected="selected"'; ?> value="0">Job Seeker</option>
-                <option<?php if ($b_user['type'] == 'EMPLOYER') echo ' selected="selected"'; ?> value="1">Job Provider</option>
-              </select>
-            </p>
-            <p><input id="inpct" type="submit" name="changetype" value="Change Account Type" /></p>
-          </form>
-        </div>
+        <form action="/dash/settings.php" method="post">
+          <div id="fjbody">
+            <h4>Current Password</h4>
+            <p>Your current password is needed to change your account settings.</p>
+            <p><input id="inpoldpass" type="password" name="oldpass" placeholder="Current password" /></p>
+          </div>
+          <div id="fjfooter">
+            <div class="pseudoform">
+              <h4>Change Password</h4>
+              <p><input id="inpnp1" type="password" name="newpass1" placeholder="New password" /></p>
+              <p><input id="inpnp2" type="password" name="newpass2" placeholder="Confirm new password" /></p>
+            </div>
+            <div class="pseudoform">
+              <h4>Change Account Type</h4>
+              <p>
+                <select id="inpnt" name="newtype">
+                  <option<?php if ($b_user['type'] == 'EMPLOYEE') echo ' selected="selected"'; ?> value="0">Job Seeker</option>
+                  <option<?php if ($b_user['type'] == 'EMPLOYER') echo ' selected="selected"'; ?> value="1">Job Provider</option>
+                </select>
+              </p>
+            </div>
+            <p id="setchgbtn"><input id="inpchg" type="submit" name="change" value="Update Settings" /></p>
+          </div>
+        </form>
       </div>
 <?php
-if (!empty($result)) $result->free();
 require('footer.php');
 ?>
-- 
cgit v1.2.3