$val)
{
// Strip slashes (prevent injection attacks) for non-numbers.
if (!is_numeric($key))
if (is_numeric($val))
$user[$key] = $val;
else
$user[$key] = stripslashes($val);
}
if (!$error_msg)
{
// Check if we're updating or creating.
if ($pref_page)
{
// Make sure the logged in user is an admin or the same as the
// user whose information is being changed.
if ($_s_user_id != $_GET['id'] && !user_is_admin($_s_user_id))
{
header("Location:home.html");
}
else
{
$user['id'] = $_GET['id'];
// If the signed-in user is an adimin, he could be changing
// this user to be an admin or captain.
if (!user_is_admin($_s_user_id) && $user['status'])
unset($user['status']);
if (!strcmp($_POST['reset-password'], "true"))
{
if (!reset_user_password($user))
$error_msg = 'Could not reset password!';
}
else
{
if (!update_user($user))
$error_msg = 'Could not update user info ...';
}
// Get the user again, because the updating process kind of eliminates
// some of the fields in the array.
$user = get_user_by_id($_GET['id']);
}
}
else // Creating a new user.
{
// Create a new place for this guy.
$id = add_user_to_team($user);
if (!$id)
{
$error_msg = "Internal error (whoops). Sorry for the inconvenience,
but please try again.";
}
else
{
$_SESSION['user_id'] = $id;
session_write_close();
// echo '
User ID: "'.$id.'"
';
// echo '
Session user ID: "'.$_SESSION['user_id'].'"
';
header("Location:quote.html");
}
}
}
}
// If this is an "edit preferences" page for neither an admin nor the
// user him/herself, just redirect to this user's team's page.
else if ($pref_page)
{
$user = get_user_by_id($_GET['id']);
if ($_GET['id'] != $_s_user_id && !user_is_admin($_s_user_id))
header("Location:team".$user['team_id'].'.html');
}
ob_flush();
?>
The Olympics are over!
Sorry, but the Olympics are over, so you can't register for a new account. They ended on , , so check back around Janurary for the CSAIL Olympics!