Your IP : 216.73.216.162
<?php
include_once('./inc/init.inc.php');
include_once('./inc/secure.inc.php');
/*
$email=substr(str_replace("'","''",$_POST['email']),0,250);
$adr=substr(str_replace("'","''",$_POST['adr']),0,250);
$cp=substr(str_replace("'","''",$_POST['cp']),0,250);
$ville=substr(str_replace("'","''",$_POST['ville']),0,250);
$gsm=substr(str_replace("'","''",$_POST['gsm']),0,250);
*/
$email=substr($_POST['email'],0,250);
$adr=substr($_POST['adr'],0,250);
$cp=substr($_POST['cp'],0,250);
$ville=substr($_POST['ville'],0,250);
$gsm=substr($_POST['gsm'],0,250);
$sql = "select mdp from reservation_client where id='".$_SESSION['id_client']."'";
$req = mysql_query($sql) or die('Erreur SQL !'.mysql_error());
$client = mysql_fetch_assoc($req);
if (strlen($_POST['ancien_mdp'])>=1){
if ($client['mdp']==$_POST['ancien_mdp']){
if($_POST['nouveau_mdp']==$_POST['conf_mdp']){
if (strlen($_POST['conf_mdp'])>=5){
$sql = "update reservation_client set mdp = '".$_POST['conf_mdp']."', email='".$email."', adr='".$adr."', cp='".$cp."', ville='".$ville."', gsm='".$gsm."' where id =".$_SESSION['id_client'];
$req = mysql_query($sql) or die('Erreur SQL !'.mysql_error());
header('Location: reservation.php');
}
else{
header('Location: fiche_client.php?error=3');
}
}
else{
header('Location: fiche_client.php?error=2');
}
}
else{
header('Location: fiche_client.php?error=1');
}
}
else{
$sql = "update reservation_client set email='".$email."', adr='".$adr."', cp='".$cp."', ville='".$ville."', gsm='".$gsm."' where id =".$_SESSION['id_client'];
$req = mysql_query($sql) or die('Erreur SQL !'.mysql_error());
header('Location: reservation.php');
}
mysql_close();
?>