From d10c98f8fd69b2702916392b50dcbdad9d873dc7 Mon Sep 17 00:00:00 2001 From: dave Date: Sat, 26 Sep 2009 18:18:43 +0000 Subject: [PATCH] - Only validate fields we care about, not any field we find in the loaded user --- user_personal.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/user_personal.php b/user_personal.php index e8042e4..938132c 100644 --- a/user_personal.php +++ b/user_personal.php @@ -113,16 +113,15 @@ case 'save': /* Set values */ foreach($fields as $f) { $u[$f] = stripslashes($_POST[$f]); - } - - foreach($u as $f=>$v) { - if($v == '') continue; + /* Allow the user to clear a field regardless of regex */ + if($u[$f] == '') continue; /* See if this field has a validate */ if(isset($user_personal_fields[$f]['regexp'])) { /* Match the regex */ - if(!ereg($user_personal_fields[$f]['regexp'], $v)) { + if(!ereg($user_personal_fields[$f]['regexp'], $u[$f])) { /* Bad */ + echo "bad regex match ({$user_personal_fields[$f]['regexp']})"; $save = false; $errorfields[] = $f; } @@ -153,13 +152,14 @@ case 'save': $q=mysql_query("SELECT id FROM users WHERE email='$em' AND uid!='{$u['uid']}' AND deleted='no'"); if(mysql_num_rows($q) > 0) { error_("That email address is in use by another user"); + echo "email error"; $save = false; } if($save == true) { user_save($u); happy_("%1 %2 successfully updated",array($_POST['firstname'],$_POST['lastname'])); - } + } exit; }