0) { $new_password = slweg($_POST["form_password"]); if ( strlen($new_password) < 5) $err .= str_replace('{VAL}', strlen($new_password), $BL['be_profile_account_err2'])."\n"; } } else { $err .= $BL['be_profile_account_err3']."\n"; } $new_email = slweg(trim($_POST["form_useremail"])); if ($new_email != $_SESSION["wcs_user_email"]) { if( !is_valid_email($new_email) ) { $err .= str_replace('{VAL}', html_specialchars($new_email), $BL['be_profile_account_err4'])."\n"; } } if($_POST["form_lang"]) { $new_language = slweg(trim($_POST["form_lang"])); } else { $new_language = $phpwcms["default_lang"]; } $new_wysiwyg = empty($_POST['form_wysiwyg']) ? 0 : intval($_POST['form_wysiwyg']); $user_var['template'] = empty($_POST['form_wysiwyg_template']) ? '' : clean_slweg($_POST['form_wysiwyg_template']); //Jetzt die Daten aktualisieren if(empty($err)) { $sql = "UPDATE ".DB_PREPEND."phpwcms_user SET "; $sql .= " usr_login='".aporeplace($new_username)."', "; if(!empty($new_password)) { $sql .= "usr_pass='".aporeplace(md5($new_password))."', "; } $sql .= "usr_email='".aporeplace($new_email); $sql .= "', usr_lang='".aporeplace($new_language); $sql .= "', usr_wysiwyg=".$new_wysiwyg; $sql .= " , usr_vars='".aporeplace(serialize($user_var))."'"; $sql .= " WHERE usr_id=".$_SESSION["wcs_user_id"]; $sql .= " AND usr_login='".$_SESSION["wcs_user"]."' LIMIT 1"; if(mysql_query($sql, $db)) { //Wenn Aktualisierung erfolgreich war //neue Werte den Sessionvariablen zuweisen $_SESSION["wcs_user"] = $new_username; $_SESSION["wcs_user_email"] = $new_email; $_SESSION["wcs_user_lang"] = $new_language; $_SESSION["WYSIWYG_EDITOR"] = $new_wysiwyg; $_SESSION["WYSIWYG_TEMPLATE"] = $user_var['template']; set_language_cookie(); headerRedirect(PHPWCMS_URL."phpwcms.php?do=profile"); } } } //Ende Prüfung Gastzugang ?>