Change password and other information in php
Posted: Tue Dec 13, 2011 11:47 am
I having a difficulty in the part where user setting up his account.
below is my code.. Parse error: syntax error, unexpected T_VARIABLE in C:\xampp\htdocs\sources\login\ucp\account.php on line 81
below is my code.. Parse error: syntax error, unexpected T_VARIABLE in C:\xampp\htdocs\sources\login\ucp\account.php on line 81
Code: Select all
<div id="main">
<div class="h3">Account Settings</div>
<div class="mainbox">
<?php
if(isset($_SESSION['usernamejob'])) {
if(!isset($_POST['modify'])){
$query = mysql_query("SELECT * FROM `employee_user` WHERE `usernamejob`='".$_SESSION['usernamejob']."'") or die(mysql_error());
$row = mysql_fetch_array($query);
?>
<center>
<table cellspacing=1 cellpadding=5>
<tr><td class=listtitle colspan=2><center><span class='title2'></span></center></td></tr>
<?php
echo "
<form method=\"POST\">
<tr><td class=list align=left>Current Password</td><td class=list> <input type=\"password\" name=\"current\" maxlength=\"12\"><br></td></tr>
<tr><td class=list align=left>New Password</td><td class=list> <input type=\"password\" name=\"password\" maxlength=\"12\"><br></td></tr>
<tr><td class=list align=left>Confirm Password</td><td class=list> <input type=\"password\" name=\"cpassword\" maxlength=\"12\"><br></td></tr>
<tr><td class=list align=left>E-mail</td><td class=list> <input type=\"text\" name=\"email\" value=\"".$row['email']."\"><br></td></tr>
<tr><td class=list align=left>Phone Number</td><td class=list> <input type=\"text\" name=\"phone\" value=\"".$row['phone']."\"><br></td></tr>
<tr>
<td class=list align=left>Current Location:</td>
<td class=list>
<select name=\"location\">
<option value=\"\"></option>
<option value=\"N/A\">N/A</option>
<option value=\"Johor\">Johor</option>
<option value=\"Kedah\">Kedah</option>
<option value=\"Kelantan\">Kelantan</option>
<option value=\"KL\">Kuala Lumpur</option>
<option value=\"Labuan\">Labuan</option>
<option value=\"Melaka\">Melaka</option>
<option value=\"N9\">Negeri Sembilan</option>
<option value=\"Pahang\">Pahang</option>
<option value=\"Penang\">Penang</option>
<option value=\"Perak\">Perak</option>
<option value=\"Perlis\">Perlis</option>
<option value=\"Putrajaya\">Putrajaya</option>
<option value=\"Sabah\">Sabah</option>
<option value=\"Sarawak\">Sarawak</option>
<option value=\"Selangor\">Selangor</option>
<option value=\"Terengganu\">Terengganu</option>
</select>
</td>
<br>
</tr>
<tr>
<td class=list align=left>Education Level:</td>
<td class=list>
<select name=\"education_lvl\">
<option value=\"SPM\">SPM</option>
<option value=\"STPM\">STPM</option>
<option value=\"Diploma\">Diploma</option>
<option value=\"Degree\">Degree</option>
</select>
</td>
<br>
</tr>
<tr><td class=listtitle align=left colspan=2><center><input type=\"submit\" name=\"modify\" value=\"Modify\"></form></td></tr></center>";
} else {
$usernamejob = mysql_query("SELECT * FROM `employee_user` WHERE `usernamejob`='".$_SESSION['usernamejob']."'") or die(mysql_error());
$user = mysql_fetch_array($usernamejob);
$current = mysql_real_escape_string($_POST['current']);
$password = mysql_real_escape_string($_POST['password']);
$cpass = mysql_real_escape_string($_POST['cpassword']);
$email = mysql_real_escape_string($_POST['email']);
$phone = mysql_real_escape_string($_POST['phone']);
$location = mysql_real_escape_string($_POST['location']);
if($current) {
if($usernamejob['password'] == $current.$usernamejob['password'] || sha1($current) == $usernamejob['password']) {
if($password != $cpass) {
echo "Passwords do not match!";
} else {
if(strlen($password) < 6) {
echo "Your password must be between 6 and 12 characters!";
} elseif(strlen($password) > 12) {
echo "Your password must be between 6 and 12 characters!";
} else {
$u = mysql_query("UPDATE `employee_user` SET `password`='"$password"' WHERE `usernamejob`='".$usernamejob['usernamejob']."'") or die(mysql_error());
echo "Your changes have been saved.";
}
}
} else {
echo "Your current password is wrong!";
}
} elseif($email == "") {
echo "Please supply an e-mail!";
} else {
$usernamejob = mysql_query("UPDATE `employee_user` SET `email`='".$email."' WHERE `usernamejob`='".$usernamejob['usernamejob']."'") or die(mysql_error());
echo "Your changes have succesfully been saved to the database!";
} elseif($phone == ""){
echo "Please enter ur new phone number";
} else {
$usernamejob = mysql_query("UPDATE `employee_user` SET `phone`='".$phone."' WHERE `usernamejob`='".$usernamejob['usernamejob']."'") or die(mysql_error());
}elseif($location == ""){
echo "Please insert new location";
} else {
$usernamejob = mysql_query("UPDATE `employee_user` SET `location`='".$location."' WHERE `usernamejob`='".$usernamejob['usernamejob']."'") or die(mysql_error());
}
}
echo "</fieldset>";
} else {
echo "You are not logged in!";
}
echo "</td></tr></table>";
?>
</div>
</div>