$value) { if (array_key_exists($name, $_REQUEST)) { continue; } $_REQUEST[$name] = $value; } // process form if (@$_REQUEST['save']) { // error checking $errorsAndAlerts = ""; if (!@$_REQUEST['fullname']) { $errorsAndAlerts .= "You must enter your full name!
\n"; } if (!@$_REQUEST['email']) { $errorsAndAlerts .= "You must enter your email!
\n"; } else if(!isValidEmail(@$_REQUEST['email'])) { $errorsAndAlerts .= "Please enter a valid email (example: user@example.com)
\n"; } if (!@$_REQUEST['username']) { $errorsAndAlerts .= "You must choose a username!
\n"; } // new password checking if (@$_REQUEST['oldPassword'] || $_REQUEST['newPassword1'] || $_REQUEST['newPassword2']) { if (!@$_REQUEST['oldPassword']) { $errorsAndAlerts .= "Please enter a value for: Current Password
\n"; } elseif (@$_REQUEST['oldPassword'] != $CURRENT_USER['password']) { $errorsAndAlerts .= "Current password isn't correct!
\n"; } elseif (!@$_REQUEST['newPassword1']) { $errorsAndAlerts .= "Please enter a value for: New Password
\n"; } elseif (!@$_REQUEST['newPassword2']) { $errorsAndAlerts .= "Please enter a value for: Confirm New Password
\n"; } elseif ($_REQUEST['newPassword1'] != $_REQUEST['newPassword2']) { $errorsAndAlerts .= "New passwords don't match!
\n"; } } // check for duplicate usernames and emails if (@$_REQUEST['username'] != $CURRENT_USER['username']) { $count = mysql_select_count_from('accounts', "`username` = '".mysql_escape(@$_REQUEST['username'])."'"); if ($count > 0 && @$_REQUEST['username']) { $errorsAndAlerts .= "That username is already in use, please choose another!
\n"; } } if (@$_REQUEST['email'] != $CURRENT_USER['email']) { $count = mysql_select_count_from('accounts', "'".mysql_escape($_REQUEST['email'])."' IN (email, username)"); if ($count > 0) { $errorsAndAlerts .= "That email is already in use, please choose another!
\n"; } } // update user if (!$errorsAndAlerts) { mysqlStrictMode(false); // disable Mysql strict errors for when a field isn't defined below (can be caused when fields are added later) if (@$_REQUEST['newPassword2']) { $CURRENT_USER['password'] = $_REQUEST['newPassword2']; } // update password $query = "UPDATE `{$TABLE_PREFIX}accounts` SET fullname = '".mysql_escape( $_REQUEST['fullname'] )."', email = '".mysql_escape( $_REQUEST['email'] )."', username = '".mysql_escape( $_REQUEST['username'] )."', password = '".mysql_escape( $CURRENT_USER['password'] )."', updatedByUserNum = '".mysql_escape( $CURRENT_USER['num'] )."', updatedDate = NOW() WHERE num = '".mysql_escape( $CURRENT_USER['num'] )."'"; mysql_query($query) or die("MySQL Error:
\n". htmlspecialchars(mysql_error()) . "\n"); $userNum = mysql_insert_id(); // on success unset($_REQUEST['oldPassword'], $_REQUEST['newPassword1'], $_REQUEST['newPassword2']); // clear password fields $errorsAndAlerts = "Thanks, we've updated your profile!"; } } // delete account if (@$_POST['deleteAccount']) { if ($CURRENT_USER['isAdmin']) { die("Error: Deleting admin accounts is not permitted!"); } // delete uploads $GLOBALS['tableName'] = 'accounts'; eraseRecordsUploads( $CURRENT_USER['num'] ); // delete account $query = mysql_escapef("DELETE FROM `{$TABLE_PREFIX}accounts` WHERE num = ?", $CURRENT_USER['num']); mysql_query($query) or die("MySQL Error:
\n". htmlspecialchars(mysql_error()) . "\n"); // redirect to login websiteLogin_redirectToLogin(); } ?>

Sample Edit Profile Page

Delete Account

If you want to delete your account you can do so here.
Please note that all data will be lost and this is irreversible.

Full Name
Email
Username

Current Password
New Password
New Password (again)