<?
require("../register/conf/reg_config.php");

$mysql = mysql_connect($server,$username,$password) or print_mbase_html("My Profile","Error!","Your profile can not be updated at this time.  The error message reported is:<p>" . mysql_error($mysql));
$connection = mysql_select_db($database, $mysql); 

$ispostback = $_REQUEST['ispostback'];

if($ispostback)
{
	$fullname = $_REQUEST['fullname'];
	$company = $_REQUEST['company'];
	$position = $_REQUEST['position'];
	$comments = $_REQUEST['comments'];
	$passwd = $_REQUEST['pass1'];
	$username = $_REQUEST['username'];
	$userkey = $_REQUEST['userkey'];

	
	$sql = "UPDATE `user` SET `fullname`='$fullname',`company`='$company',`position`='$position',`comments`='$comments',`Language`='$language',`Colorcode`='$colorcode' WHERE `userkey`=$userkey";
	$result = mysql_query($sql,$mysql) or print_mbase_html("My Profile","Profile Update Error!","Your profile can not be updated at this time.  The error message reported is:<p>" . mysql_error($mysql));
	$sql = "UPDATE `usergroups` SET `passwd`='$passwd' WHERE `username`='$username'";
	$result = mysql_query($sql,$mysql) or print_mbase_html("My Profile","Password Update Error!","Your password can not be updated at this time.  The error message reported is:<p>" . mysql_error($mysql));
	print_mbase_html("My Profile","Success!","Your profile was successfully updated.");
}
else
{
	$sql = "SELECT * FROM `user` WHERE `username`='" . $_SERVER['REMOTE_USER'] . "'";
	$result_user = mysql_query($sql,$mysql) or print_mbase_html("My Profile","Error!","Your profile can not be updated at this time.  The error message reported is:<p>" . mysql_error($mysql));
	$sql = "SELECT `passwd` FROM `usergroups` WHERE `username`='" . $_SERVER['REMOTE_USER'] . "' LIMIT 1";
	$result_passwd = mysql_query($sql,$mysql) or print_mbase_html("My Profile","Error!","Your profile can not be updated at this time.  The error message reported is:<p>" . mysql_error($mysql));
	
	if(mysql_num_rows($result_user) && mysql_num_rows($result_passwd))
	{
		$row = mysql_fetch_array($result_user);
	
		$fullname = $row['fullname'];
		$company = $row['company'];
		$username = $row['username'];
		$position = $row['position'];
		$comments = $row['comments'];
		$userkey = $row['userkey'];
		$language = $row['Language'];
		$colorcode = $row['Colorcode'];		
		
		$row = mysql_fetch_array($result_passwd);
		$passwd = $row['passwd'];
		
		$form = get_profile_form($fullname,$company,$username,$position,$comments,"",$passwd,$language,$colorcode,$userkey);
		print_mbase_html("Update My Profile","",$form);
	}
}

mysql_close($mysql);
//phpinfo();
?>