Change User Name
The change-username.php script lets administrators change the PSB™ administrator's user name. Changing administrator password and changing users password are done in other scripts.
In editing the user name in the PSB™ host's members table, the configure.php is included to establish server and database connections. Next, we get the username and newusername variables POSTed to our PHP script, with the username being POSTed from the page that sent us here and the other variable getting POSTed from this members table editing page to itself. Note that if the Administrator is not logged in and therefore his username (stored in $U) is unset, he is sent to the login page. If the $A variable is not set, he has not yet entered data into the form.
Once the $A variable is set, the PHP script updates the specified user name in the PSB™ host's members table where all administrators' data is stored. Note that "UPDATE members SET username = '$A' WHERE username = '$U'" is the table query used, and it only works if the administrator's username is located in the members table. Note that in MySQL queries, single quotes are used around data variables, but when there are variables that represent table names, no quotes should be used. This does not occur in this particular query but does occur in scripts that perform such tasks as editing group members or editing status code meanings, and in this script's "RENAME TABLE $TheOldName TO $TheNewName" which comes later than the username editing query. Note the absence of quotes around table name variables.
Not only does the script update the user name in the members table, it also renames two other tables. Every administrator has an editable table of PSB™ status code meanings that uses his user name as part of its title, and a PSB™ table that also uses his user name as part of its title. The latter contains First Names, IDs, Comments, and Status Codes, which the psb.php script (the actual PSB™) uses to represent current statuses and comments. These are the data of the members of the administrator's PSB™ group. The query "RENAME TABLE $TheOldName TO $TheNewName" is used for the table renaming.
If the table gets updated successfully, you get a message to that effect. Success is detected by a special MySQL function, mysql_affected_rows(). Once the edit is done, there's a button to let the administrator return to the Administrators Page. Note that JSON is used to pass the user name from PHP to JavaScript and then it gets POSTed back to PHP by the form in this script as well as to the Administrator page. This keeps the user logged in so he need not login constantly as he uses various editing scripts.
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1252">
<TITLE>Change User Name</TITLE>
<meta name="description" content="Change User Name">
<meta name="keywords" content="Change User Name,php,javascript, dhtml, DHTML">
<style type="text/css">
BODY {margin-left:0; margin-right:0; margin-top:0;text-align:left}
p, li {font:13px Verdana; color:black;text-align:left}
h1 {font:bold 28px Verdana; color:black;text-align:center}
h2 {font:bold 24px Verdana;text-align:center}
h3 {font:bold 15px Verdana;}
</style>
</head><body>
<?php
include_once"configure.php";
$U=$_POST['username'];
$A=$_POST['newusername'];
if (!isset($U)) {
echo '<script language="javascript">alert("Please login.");
window.location="login.php"; </script>';
}
if (isset($A)) {
mysql_query("UPDATE members SET username = '$A' WHERE username = '$U'") or die(mysql_error());
$rc = mysql_affected_rows();
if ($rc>0){
echo '<script language="javascript">alert("The change was successfully accomplished.");</script>';}
else{echo '<script language="javascript">alert("The change was unsuccessful.");</script>';}
$TheOldName=$U."_psb";
$TheNewName=$A."_psb";
mysql_query("RENAME TABLE $TheOldName TO $TheNewName");
$TheOldName=$U."_meaning";
$TheNewName=$A."_meaning";
mysql_query("RENAME TABLE $TheOldName TO $TheNewName");
$U=$A;
unset($A);
}
mysql_close();
?>
<h1>Change User Name</h1>
<div id='pw' style='position:absolute;top:150px;left:200px;width:300px'><table style="background-color:#8aa;border-color:#00f" border='6' cellspacing=0 cellpadding=6><tr><td>
<form id='formpw' name="formpw" method="post" action="change-username.php" onsubmit="return validateusername()">
<label for="User Name"><b>User Name: </b><input type="text" name="newusername" size="20" maxlength="20" value=""></label><br><br>
<input type="hidden" name="username" value=" ">
<input type="submit" value="Change User Name"><br><br>
<input type="reset" value="Reset"></form></td></tr></table>
<br><br>
<form name="MyForm" method="POST" action="administrator-page.php">
<input type="button" value="Return to Administrator Page" onclick="goback()">
<input type="hidden" name="username" value=" ">
</form>
</div>
<script language="javascript">
function goback(){
var u = <?php echo json_encode($U); ?>;
document.MyForm.username.value=u;
document.MyForm.submit();}
function validateusername(){
var u = <?php echo json_encode($U); ?>;
document.formpw.username.value=u;
var ck_username = /^[A-Za-z0-9_]{4,30}$/;
if (document.peopleForm.newusername.value.search(ck_username)==-1)
{alert("Please only enter letters, numbers and underline for user names, and enter 4 to 30 characters.");return false}
return true;}
</script>
</body></html>