First code received by Master Leon

pages/validation_option.php

@@ -0,0 +1,62 @@
+<?
+session_start(); 
+
+$id = $_SESSION['id'];
+mysql_connect("leon.redby.fr", "leon0", "7268032");
+mysql_select_db("leon0");
+$x = mysql_query("SELECT * FROM user WHERE id='".$id."'");
+$donnees = mysql_fetch_array($x);
+
+$pseudo = $donnees['pseudo'];
+$mail = $donnees['mail'];
+$mdp = $donnees['mdp'];
+
+
+if (isset($_POST['nouveau_pseudo']) && $_POST['nouveau_pseudo']!='') {
+
+$result = mysql_query("SELECT pseudo FROM user WHERE pseudo='".$_POST['nouveau_pseudo']."'");
+if(mysql_num_rows($result)>=1)		
+{
+echo "Ce pseudo est déja utilisé<br><br><br>"; 
+}
+else {
+$pseudo=htmlspecialchars($_POST['nouveau_pseudo']);
+mysql_query("UPDATE `user` SET pseudo='".$pseudo."' WHERE ID='".$id."'"); 
+} 
+} else {}
+
+if (isset($_POST['ancien_mdp']) && isset($_POST['nouveau_mdp']) && isset($_POST['nouveau_mdp2']) && $_POST['nouveau_mdp']!="" && $_POST['nouveau_mdp2']!="" && $_POST['ancien_mdp'] !='' ) {
+	if(isset($_POST['ancien_mdp']) == $mdp) {
+		if  ($_POST['nouveau_mdp'] == $_POST['nouveau_mdp2']) {
+			$password = htmlspecialchars($_POST['nouveau_mdp']);
+			mysql_query("UPDATE `user` SET mdp='".$password."' WHERE ID='".$id."'");
+		}
+		else { echo "Validation du mot de passe faux"; }
+	}
+	else { echo "Ancien mot de passe faux"; }
+}
+
+	
+
+if (isset($_POST['nouveau_mail']) && $_POST['nouveau_mail']!='')
+{
+    if (preg_match("#^[a-z0-9._-]+@[a-z0-9._-]{2,}\.[a-z]{2,4}$#", $_POST['nouveau_mail']))
+    {
+		
+		$result = mysql_query("SELECT mail FROM user WHERE mail='".$_POST["nouveau_mail"]."'");
+		if(mysql_num_rows($result)>=1)		
+			{echo "Cette adresse mail est déja utilisé"; 
+			}
+		else		
+		{	$mail=htmlspecialchars($_POST['nouveau_mail']);
+			mysql_query("UPDATE `user` SET mail='".$mail."' WHERE ID='".$id."'"); 	}
+    }
+    else
+    { echo "L'adresse " . $_POST['nouveau_mail'] . " n'est pas valide";}
+}
+
+
+mysql_close();
+@header("Location:option.php"); 
+
+?>