email_addr) { echo "New email address is same as existing address; no change."; } else { $existing = lookup_user_email_addr($email_addr); if ($existing) { echo "There's already an account with that email address"; } else { $passwd_hash = md5($passwd.$user->email_addr); // deal with the case where user hasn't set passwd // (i.e. passwd is account key) // if ($passwd_hash != $user->passwd_hash) { $passwd = $user->authenticator; $passwd_hash = md5($passwd.$user->email_addr); } if ($passwd_hash != $user->passwd_hash) { echo "Invalid password."; } else { $passwd_hash = md5($passwd.$email_addr); $query = "update user set email_addr='$email_addr', passwd_hash='$passwd_hash' where id=$user->id"; $result = mysql_query($query); if ($result) { echo " The email address of your account is now $email_addr. "; } else { echo " We can't update your email address due to a database problem. Please try again later. "; } } } } page_tail(); ?>