laufende Session ändern

Begonnen von Donald, 15 Juli 2002, 13:38:31

⏪ vorheriges - nächstes ⏩

0 Mitglieder und 1 Gast betrachten dieses Thema.

Donald

Hallo
in dem nachfolgenden Script sollen Userdaten geändert werden, da aber eine Session bereits läuft, werden diese Daten nicht geändert. Kann ich die laufende Session beim Abspeichern ändern bzw. löschen und gleich wieder mit den neuen Daten aufbauen? Wenn ja , wo und wie ???

Gruß
Donald

<?php
session_start();

if (!isset($mainfile)) { include("mainfile.php"); }
include("header.php");
OpenTable();
//DON'T MESS WITH ANY OF THIS!

include("or_common.php");

$link = mysql_connect ($server, $user, $password);
if (! $link)
{
die ("Couldn't connect to mySQL server");
}
if (!mysql_select_db ($db, $link) )
{
die ("Coldn't open $db: ".mysql_error() );
}

if ($current_user == "" AND $agentname == "")
{

include("./templates/or_user_top.html");
print "<P><form action=\"./or_accountedit.php\" method=\"post\">Bitte Name und Passwort eingeben:<P>";
print "Login Name: <input type=text name=agentname maxlength=30><P> ";
print "Passwort: <input type=password name=agentpassword maxlength=10><P><input type=submit value=\"Log In\"></form><P>";

print "<form action=\"or_emailpass.php\">Passwort vergessen? E-Mail eingeben, Passwort wird zugesandt:<BR><input type=text name=email maxlength=100><P><input type=submit VALUE=\"Senden\"></form><P>";
include("./templates/or_user_bottom.html");
CloseTable();
include("footer.php");
exit;

} elseif ($agentname != "" OR $current_user != "")
{

$sql = "SELECT id
FROM nuke_agents
WHERE agent='$agentname'
and agentpass='$agentpassword'";

$result = mysql_query($sql)
or die("Couldn't execute query.");

$num = mysql_numrows($result);

if ($num == 1) {
session_register("agentname");
session_register("agentpassword");

echo "<!-- USER : $agentname -->\r\n";
print "<!-- Your session ID is ".session_id()."-->\r\n";

session_register("current_user");
session_register("agent");
session_register("agenturl");
session_register("agentemail");
session_register("agentphone");

//COLLECT INFORMATION ABOUT THE CURRENT USER
$result = mysql_query("SELECT * FROM nuke_agents WHERE agent='$agentname';",$link);
while ($a_row =mysql_fetch_array ($result) )
{
$current_user = $a_row[id];
$agent = $a_row[agent];
$agenturl = $a_row[agenturl];
$agentemail = $a_row[agentemail];
$agentphone = $a_row[agentphone];
}

print "<!-- You are user #$current_user -->\r\n\r\n";

} else if ($num == 0)  {
include("./templates/or_user_top.html");
echo 'Diese User/Passwort Kombination ist nicht richtig.<P>';
print "<P><form action=\"./or_accountedit.php\" method=\"post\">Bitte Name und Passwort eingeben:<P>";
print "Login Name: <input type=text name=agentname maxlength=30><P> ";
print "Passwort: <input type=password name=agentpassword maxlength=10><P><input type=submit value=\"Log In\"></form><P>";

print "<form action=\"emailpass.php\">Passwort vergessen? E-Mail eingeben, Passwort wird zugesandt:<BR><input type=text name=email maxlength=100><P><input type=submit VALUE=\"Senden\"></form><P>";
include("./templates/or_user_bottom.html");
CloseTable();
include("footer.php");
exit;

}

}

//print the header
print "<!-- HERE BEGINNETH THE HEADER -->\r\n";
include("./templates/or_user_top.html");

//beginning of status area
print "<!-- Beginning of Status Area -->";
print "<table border=1 width=90% cellspacing=1 cellpadding=3><tr align=left><td>";

//DELETE A RECORD FROM AGENT
if ($delete2 != "")
{

$query = "DELETE FROM nuke_agents WHERE id = '$delete2'";
if (!mysql_query ($query, $link) )
{
die (mysql_error());
}
print "Anbieter #$delete2 wurde gelöscht...";

$query = "DELETE FROM nuke_agent_tbl_files WHERE (owner = $delete2)";
if (!mysql_query ($query, $link) )
{
die (mysql_error());
}
print "HP-Bilder von Anbieter #$delete2 wurden gelöscht...";

$query = "DELETE FROM nuke_tbl_files WHERE (owner = $delete2)";
if (!mysql_query ($query, $link) )
{
die (mysql_error());
}
print "Bilder von Anbieter #$delete2 wurden gelöscht...";
}

//DELETE AN IMAGE

if ($deleteimage != "")
{
$query = "DELETE FROM nuke_agent_tbl_files WHERE ((id_files = $deleteimage) AND (owner='$current_user'))";
if (!mysql_query ($query, $link) )
{
die (mysql_error());
}
print "$filename wurde gelöscht...";

}

if ($action == "upload")
{
if (isset($binFile) && $binFile != "none")
{
$data = addslashes(fread(fopen($binFile, "r"), filesize($binFile)));
$strDescription = addslashes(nl2br($txtDescription));
$sql = "INSERT INTO nuke_agent_tbl_files ";
$sql .= "(description, bin_data, filename, filesize, filetype, owner, agentnum) ";
$sql .= "VALUES ('$strDescription', '$data', ";
$sql .= "'$binFile_name', '$binFile_size', '$binFile_type', '$current_user', '$current_user')";

if (!mysql_query ($sql, $link) )
{
die (mysql_error());
}

echo "Ihr Bild wurde hinzugefügt ($binFile_name).";

}
}

//MODIFY A RECORD
if ($modify != "")
{
print "editing field $modify...";

//add slashes to input so things don't get fucked up in mySQL   
$agent = addslashes($agent);
$notes = addslashes($notes);

//formats the description text, if necessary
if ($linefeeds == "Y")
{
$notes = ereg_replace("(\r\n|\n|\r)", "<br>", $notes);
}

$query = "UPDATE nuke_agents SET agent = '$agent', agentpass = '$agentpass', agenturl = '$agenturl', agentemail = '$agentemail', notes = '$notes', agentphone = '$agentphone', agentcell = '$agentcell', agentfax = '$agentfax', anews = '$anews' WHERE id='$current_user'";

if (!mysql_query ($query, $link) )
{
die (mysql_error());
}
print "Agent #$modify wurde geändert...";
}

//THUS ENDS THE STATUS AREA...   

//begin main content

print "</td></tr></table><P>";
print "<!-- End of Status Area -->\r\n";
Print "<center><A HREF=\"./or_agentdisplay.php?view=$current_user\">Meine Anbieter Seite ansehen</a></center><P>";

$result = mysql_query("SELECT * FROM nuke_agents WHERE id='$current_user';",$link);
while ($a_row =mysql_fetch_array ($result) )
{

//select images connected to a given listing
$query = "SELECT * FROM nuke_agent_tbl_files WHERE agentnum = $current_user";
$result = mysql_query("$query",$link);
$num_images = 0;
while ($image_row =mysql_fetch_array ($result) )
{

echo "<P> \n";
echo "<B>$image_row[filename]</b><BR>\n";
echo "$image_row[filetype] (Size $image_row[filesize])<P>\n";
echo "<a href='or_agent_image.php?Id=$image_row[id_files]' target=\"_new\"><img src='or_agent_image.php?Id=$image_row[id_files]' border=0 width=100 alt='zum vergrößern anklicken'></a><BR>";
echo stripslashes($image_row[description]) . "<P>\n";

echo "<a href=\"./or_accountedit.php?deleteimage=$image_row[id_files]&filename=$image_row[filename]&edit=$current_user\">Bild löschen</a><P><HR><B>";
$num_images++;
}

//strip slashes so input appears correctly
$a_row[agent] = stripslashes ($a_row[agent]);
$a_row[notes] = stripslashes ($a_row[notes]);

//format description fields appropriately
if ($linefeeds == "Y")
{
$a_row[notes] = ereg_replace("<br>", "\r\n", $a_row[notes]);
}

print "<table border=0 cellspacing=0 cellpadding=0 width=100%><tr><td>";
print "<font size=3><b>Anbieter ändern</b></font>";
print "</td></tr></table><P>";

print "<form name=\"addagent\" action=\"./or_accountedit.php?modify=$a_row[id]&edit=$current_user\" method=post>";
print "<table width=100% border=0 cellpadding=3>";
print "<tr><td align=right>Name:</td><td align=left> $a_row[agent]</td></tr>";
print "<tr><td align=right>Passwort:</td><td align=left> <input type=\"text\" name=\"agentpass\" value=\"$a_row[agentpass]\" maxlength=\"10\"></td></tr>";

print "<tr><td align=right>Phone:</td><td align=left> <input type=\"text\" name=\"agentphone\" value=\"$a_row[agentphone]\"maxlength=\"30\"></td></tr>";
print "<tr><td align=right>Handy:</td><td align=left> <input type=\"text\" name=\"agentcell\" value=\"$a_row[agentcell]\" maxlength=\"30\"></td></tr>";
print "<tr><td align=right>Fax:</td><td align=left> <input type=\"text\" name=\"agentfax\" value=\"$a_row[agentfax]\" maxlength=\"30\"></td></tr>";

print "<tr><td align=right>Homepage:</td><td align=left> <input type=\"text\" name=\"agenturl\" value=\"$a_row[agenturl]\" maxlength=\"100\"></td></tr>";
print "<tr><td align=right>Email:</td><td align=left> <input type=\"text\" name=\"agentemail\" value=\"$a_row[agentemail]\" maxlength=\"100\">  Anbieter-News <input type=checkbox name=\"anews\" value=\"y\" ";
if ($a_row[anews] == "y"){print "checked>";}
print "</td></tr> ";
print "<tr><td align=right>Anbieterdaten:</td><td align=left> <textarea name=\"notes\" rows=12 cols=80>$a_row[notes]</textarea></td></tr>";
print "</table>";
print "Ihre Anbieter-ID Nummer: $a_row[id] , bitte bei allen <a href=\"mailto:service@immobilien-kurier.info?subject=Kontakt von Anbieter: $a_row[agent] , ID: $a_row[id]\">Kontakten</a> mit dem Immobilien-Kurier angeben.";

print "<center><P>";
print "<input type=submit VALUE=\"Ändern\"></form></center>";


//
if ($num_images < $max_agent_images)
{
print "<CENTER><B>Manage Bilder</b></center><P>";
print"<FORM METHOD=\"post\" ACTION=\"./or_accountedit.php\" ENCTYPE=\"multipart/form-data\">";
print"<INPUT TYPE=\"hidden\" NAME=\"MAX_FILE_SIZE\" VALUE=\"$max_agent_upload\">";
print"<INPUT TYPE=\"hidden\" NAME=\"agentnum\" VALUE=\"$a_row[id]\">";
print"<INPUT TYPE=\"hidden\" NAME=\"edit\" VALUE=\"$a_row[id]\">";
print"<INPUT TYPE=\"hidden\" NAME=\"action\" VALUE=\"upload\">";
print"<TABLE BORDER=\"0\" cellpadding=3>";
print"<TR>";
print"<TD>Titel: </TD>";
print"<TD><INPUT NAME=\"txtDescription\" COLS=\"50\" maxlength=\"20\"></TD>";
print"</TR>";
print"<TR>";
print"<TD>Datei: </TD>";
print"<TD><INPUT TYPE=\"file\" NAME=\"binFile\"></TD>";
print"</TR>";
print"<TR>";
print"<TD COLSPAN=\"2\"><INPUT TYPE=\"submit\" VALUE=\"Upload\"></TD>";
print"</TR>";
print"</TABLE>";

print"</FORM>";
?>
<script type="text/javascript">
<!--
function loeschen(URL1)
{
Check = confirm("Wollen Sie den Account wirklich löschen?\r");
if(Check)
self.location.href=URL1
}
//-->
</script>
<?php

print "<font size=\"1\" color=\"red\">Hier können Sie Ihren Account löschen, doch Vorsicht, es wird ohne Nachfrage gelöscht !!!
<a href=\"javascript:loeschen('./or_accountedit.php?delete2=$a_row[id]')\">Lösche Anbieter</a></font>";

//print "<font size=\"1\" color=\"red\">Hier können Sie Ihren Account löschen, doch  Vorsicht, es wird ohne Nachfrage gelöscht //!!! <a href=\"./or_accountedit.php?delete2=$a_row[id]\">Lösche Anbieter</a></font>";

print "</center></td></tr></table>";
}
else
{
print "<CENTER><B>Maximale Anzahl von Bildern erreicht!</b></center>";
}

}

//print the footer
print"\r\n<!-- THUS ENDETH THE MAIN CONTENT -->\r\n<!-- HERE BEGINNETH THE FOOTER -->";
include("./templates/or_user_bottom.html");
CloseTable();
include("footer.php");
mysql_close($link);
?>