HB/pages/validation_option.php

<?
session_start(); 

$id = $_SESSION['id'];
mysql_connect("leon.redby.fr", "leon0", "7268032");
mysql_select_db("leon0");
$x = mysql_query("SELECT * FROM user WHERE id='".$id."'");
$donnees = mysql_fetch_array($x);

$pseudo = $donnees['pseudo'];
$mail = $donnees['mail'];
$mdp = $donnees['mdp'];


if (isset($_POST['nouveau_pseudo']) && $_POST['nouveau_pseudo']!='') {

$result = mysql_query("SELECT pseudo FROM user WHERE pseudo='".$_POST['nouveau_pseudo']."'");
if(mysql_num_rows($result)>=1)		
{
echo "Ce pseudo est d<>ja utilis<69><br><br><br>"; 
}
else {
$pseudo=htmlspecialchars($_POST['nouveau_pseudo']);
mysql_query("UPDATE `user` SET pseudo='".$pseudo."' WHERE ID='".$id."'"); 
} 
} else {}

if (isset($_POST['ancien_mdp']) && isset($_POST['nouveau_mdp']) && isset($_POST['nouveau_mdp2']) && $_POST['nouveau_mdp']!="" && $_POST['nouveau_mdp2']!="" && $_POST['ancien_mdp'] !='' ) {
	if(isset($_POST['ancien_mdp']) == $mdp) {
		if  ($_POST['nouveau_mdp'] == $_POST['nouveau_mdp2']) {
			$password = htmlspecialchars($_POST['nouveau_mdp']);
			mysql_query("UPDATE `user` SET mdp='".$password."' WHERE ID='".$id."'");
		}
		else { echo "Validation du mot de passe faux"; }
	}
	else { echo "Ancien mot de passe faux"; }
}

	

if (isset($_POST['nouveau_mail']) && $_POST['nouveau_mail']!='')
{
    if (preg_match("#^[a-z0-9._-]+@[a-z0-9._-]{2,}\.[a-z]{2,4}$#", $_POST['nouveau_mail']))
    {
		
		$result = mysql_query("SELECT mail FROM user WHERE mail='".$_POST["nouveau_mail"]."'");
		if(mysql_num_rows($result)>=1)		
			{echo "Cette adresse mail est d<>ja utilis<69>"; 
			}
		else		
		{	$mail=htmlspecialchars($_POST['nouveau_mail']);
			mysql_query("UPDATE `user` SET mail='".$mail."' WHERE ID='".$id."'"); 	}
    }
    else
    { echo "L'adresse " . $_POST['nouveau_mail'] . " n'est pas valide";}
}


mysql_close();
@header("Location:option.php"); 

?>