{$element[1]} EOT; break; case 'text' : if ($form_data[$element[1]] == '') break; echo << {$element[2]} {$form_data[$element[1]]} EOT; break; case 'input' : $value = $form_data[$element[1]]; echo << {$element[2]} EOT; break; case 'password' : echo << {$element[2]} EOT; break; case 'thumb' : $value = $form_data[$element[1]]; if ($value) echo <<
$value
EOT; break; default: cpg_die(CRITICAL_ERROR, 'Invalid action for form creation ' . $element[0], __FILE__, __LINE__); } }
// The line above is the tail of the form-rendering function (presumably make_form(),
// which is called further down); its beginning is outside this view, so it is left
// exactly as found.

/**
 * Fetch a mandatory POST field for use inside a quoted SQL string literal.
 *
 * Reports a CRITICAL_ERROR through cpg_die() when the field is absent; otherwise
 * returns the value after trim() and addslashes().
 *
 * NOTE(review): addslashes() is the only SQL escaping the callers below rely on.
 * It is not aware of the connection character set; mysql_real_escape_string() or
 * a parameterised query is the safer choice. If magic_quotes_gpc is enabled the
 * value would also be escaped twice; confirm how the bootstrap normalises input.
 *
 * @param string $var name of the POST field
 * @return string trimmed, addslashes()-escaped value
 */
function get_post_var($var)
{
    global $HTTP_POST_VARS, $lang_errors;

    if (!isset($HTTP_POST_VARS[$var])) cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'] . " ($var)", __FILE__, __LINE__);
    return addslashes(trim($HTTP_POST_VARS[$var]));
}

// Request routing. $op is only ever compared against literals in the switch below;
// $uid is cast to int, so it is safe to interpolate into the queries that use it.
$op = isset($HTTP_GET_VARS['op']) ? $HTTP_GET_VARS['op'] : '';
$uid = isset($HTTP_GET_VARS['uid']) ? (int)$HTTP_GET_VARS['uid'] : -1;
if (isset($HTTP_POST_VARS['change_pass'])) $op = 'change_pass';

// Profile update for the logged-in user (skipped when UDB_INTEGRATION is defined).
// NOTE(review): no anti-CSRF token is checked in this handler; confirm whether one
// is verified elsewhere before this state-changing POST is accepted.
// NOTE(review): the four fields are stored as submitted (SQL-escaped only) and are
// later handed to the form renderer for display, and the visible part of that
// renderer interpolates them directly. Confirm they are HTML-encoded on output.
if (isset($HTTP_POST_VARS['change_profile']) && USER_ID && !defined('UDB_INTEGRATION')) {
    $location = get_post_var('location');
    $interests = get_post_var('interests');
    $website = get_post_var('website');
    $occupation = get_post_var('occupation');

    $sql = "UPDATE {$CONFIG['TABLE_USERS']} SET " .
        "user_location = '$location', " .
        "user_interests = '$interests', " .
        "user_website = '$website', " .
        "user_occupation = '$occupation' " .
        "WHERE user_id = '" . USER_ID . "'";

    $result = db_query($sql);

    $title = sprintf($lang_register_php['x_s_profile'], USER_NAME);
    $redirect = "index.php";
    pageheader($title, "");
    msg_box($lang_info, $lang_register_php['update_success'], $lang_continue, $redirect);
    pagefooter();
    ob_end_flush();
    exit;
}

// Password change for the logged-in user (skipped when UDB_INTEGRATION is defined).
if (isset($HTTP_POST_VARS['change_password']) && USER_ID && !defined('UDB_INTEGRATION')) {
    $current_pass = get_post_var('current_pass');
    $new_pass = get_post_var('new_pass');
    $new_pass_again = get_post_var('new_pass_again');
    // Length is measured on the addslashes()-escaped value; the floor is two bytes.
    if (strlen($new_pass) < 2) cpg_die(ERROR, $lang_register_php['err_password_short'], __FILE__, __LINE__);
    // NOTE(review): != is a loose comparison, so two numeric-looking strings such as
    // '1e3' and '1000' count as equal; a strict !== avoids accepting a mistyped repeat.
    if ($new_pass != $new_pass_again) cpg_die(ERROR, $lang_register_php['err_password_mismatch'], __FILE__, __LINE__);

    // NOTE(review): the new password is written to user_password as-is and the
    // current one is matched against the stored column directly, i.e. this statement
    // handles passwords in clear text. Storing a password_hash() digest and checking
    // it with password_verify() would need a matching change in the login path.
    $sql = "UPDATE {$CONFIG['TABLE_USERS']} SET " .
        "user_password = '$new_pass' " .
        "WHERE user_id = '" . USER_ID .
        "' AND BINARY user_password = '$current_pass'";

    $result = db_query($sql);
    // Zero affected rows is treated as "current password wrong".
    // NOTE(review): MySQL normally also reports zero when the new value equals the
    // old one, so re-submitting the same password would land here too; confirm.
    if (!mysql_affected_rows()) cpg_die(ERROR, $lang_register_php['pass_chg_error'], __FILE__, __LINE__);
    // NOTE(review): the cookie carries an unsalted MD5 of the raw POST value (not the
    // trimmed value written above) for 86400 seconds, and no secure or httponly flag
    // is passed. Anyone who obtains the cookie holds a password-equivalent value; a
    // random server-side session token would avoid exposing a password derivative.
    setcookie($CONFIG['cookie_name'] . '_pass', md5($HTTP_POST_VARS['new_pass']), time() + 86400, $CONFIG['cookie_path']);

    $title = sprintf($lang_register_php['x_s_profile'], USER_NAME);
    // NOTE(review): $PHP_SELF may include client-supplied path info on some server
    // setups; confirm msg_box() encodes the redirect target before printing it.
    $redirect = $PHP_SELF . "?op=edit_profile";
    pageheader($title, "");
    msg_box($lang_info, $lang_register_php['pass_chg_success'], $lang_continue, $redirect);
    pagefooter();
    ob_end_flush();
    exit;
}

switch ($op) {
    // ------------------------------------------------------------------------- //
    // Edit form for the logged-in user's own profile.
    case 'edit_profile' :
        if (!USER_ID) cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
        // presumably udb_edit_profile() redirects and ends the request; verify,
        // because execution otherwise continues into the local query below.
        if (defined('UDB_INTEGRATION')) udb_edit_profile(USER_ID);

        // One row per user: account fields, primary group, picture count and disk usage.
        $sql = "SELECT user_name, user_email, user_group, UNIX_TIMESTAMP(user_regdate) as user_regdate, group_name, " .
            "user_location, user_interests, user_website, user_occupation, user_group_list, " .
            "COUNT(pid) as pic_count, ROUND(SUM(total_filesize)/1024) as disk_usage, group_quota " .
            "FROM {$CONFIG['TABLE_USERS']} AS u " .
            "INNER JOIN {$CONFIG['TABLE_USERGROUPS']} AS g ON user_group = group_id " .
            "LEFT JOIN {$CONFIG['TABLE_PICTURES']} AS p ON p.owner_id = u.user_id " .
            "WHERE user_id ='" . USER_ID . "' " .
            "GROUP BY user_id ";

        $result = db_query($sql);
        if (!mysql_num_rows($result)) cpg_die(ERROR, $lang_register_php['err_unk_user'], __FILE__, __LINE__);
        $user_data = mysql_fetch_array($result);
        mysql_free_result($result);

        $group_list = '';
        if ($user_data['user_group_list'] != '') {
            // NOTE(review): user_group_list and user_group come from the database and
            // are interpolated unquoted into the IN (...) list. This is safe only if
            // every writer of those columns stores integers; confirm, or cast here.
            $sql = "SELECT group_name " .
                "FROM {$CONFIG['TABLE_USERGROUPS']} " .
                "WHERE group_id IN ({$user_data['user_group_list']}) AND group_id != {$user_data['user_group']} " .
                "ORDER BY group_name";
            $result = db_query($sql);
            while ($row = mysql_fetch_array($result)) {
                $group_list .= $row['group_name'] . ', ';
            }
            mysql_free_result($result);
            // substr(..., 0, -2) drops the trailing ', ' separator. The string literal
            // below spans a line break in this copy of the file and is kept as found.
            $group_list = '
(' . substr($group_list, 0, -2) . ')';
        }

        $form_data = array('username' => $user_data['user_name'],
            'reg_date' => localised_date($user_data['user_regdate'], $register_date_fmt),
            'group' => $user_data['group_name'] . $group_list,
            'email' => $user_data['user_email'],
            'disk_usage' => $user_data['disk_usage'] . ($user_data['group_quota'] ? '/' . $user_data['group_quota'] : '') . ' ' . $lang_byte_units[1],
            'location' => $user_data['user_location'],
            'interests' => $user_data['user_interests'],
            'website' => $user_data['user_website'],
            'occupation' => $user_data['user_occupation'],
            );

        $title = sprintf($lang_register_php['x_s_profile'], USER_NAME);
        pageheader($title);
        starttable(-1, $title, 2);
        // NOTE(review): the heredoc bodies around make_form() are missing from this
        // copy of the file; both echo statements are left exactly as found.
        echo << EOT;
        make_form($edit_profile_form_param, $form_data);
        echo << EOT;
        endtable();
        pagefooter();
        ob_end_flush();
        break;
    // ------------------------------------------------------------------------- //
    // Password-change form; refused for guests and when UDB_INTEGRATION is defined.
    case 'change_pass' :
        if (!USER_ID || defined('UDB_INTEGRATION')) cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);

        $title = $lang_register_php['change_pass'];
        pageheader($title);
        starttable(-1, $title, 2);
        // Heredoc bodies are missing here as well; statements kept as found.
        echo << EOT;
        make_form($change_password_form_param, '');
        echo << EOT;
        endtable();
        pagefooter();
        ob_end_flush();
        break;
    // ------------------------------------------------------------------------- //
    // Read-only profile of user $uid. No login check is made in this branch.
    default :
        if (defined('UDB_INTEGRATION')) {
            $user_data = udb_get_user_infos($uid);
        } else {
            // user_email is selected here but is not copied into $form_data below.
            $sql = "SELECT user_name, user_email, UNIX_TIMESTAMP(user_regdate) as user_regdate, group_name, " .
                "user_location, user_interests, user_website, user_occupation " .
                "FROM {$CONFIG['TABLE_USERS']} AS u " .
                "INNER JOIN {$CONFIG['TABLE_USERGROUPS']} AS g ON user_group = group_id " .
                "WHERE user_id ='$uid'";

            $result = db_query($sql);
            if (!mysql_num_rows($result)) cpg_die(ERROR, $lang_register_php['err_unk_user'], __FILE__, __LINE__);
            $user_data = mysql_fetch_array($result);
            mysql_free_result($result);
        }

        // $FORBIDDEN_SET is defined outside this view (presumably an album visibility
        // filter; verify). It is rewritten in place with a leading AND and appended
        // to the three counting queries that follow.
        if ($FORBIDDEN_SET != "") $FORBIDDEN_SET = "AND $FORBIDDEN_SET";
        // Number of approved pictures owned by the user, and the highest pid among them.
        $query = "SELECT count(*), MAX(pid) FROM {$CONFIG['TABLE_PICTURES']} AS p WHERE owner_id = '$uid' AND approved = 'YES' $FORBIDDEN_SET";
        $result = db_query($query);
        $nbEnr = mysql_fetch_array($result);
        $picture_count = $nbEnr[0];
        $thumb_pid = $nbEnr[1];
        mysql_free_result($result);

        // Number of albums whose category equals FIRST_USER_CAT + $uid.
        $result = db_query("SELECT count(*) FROM {$CONFIG['TABLE_ALBUMS']} AS p WHERE category = '" . (FIRST_USER_CAT + $uid) . "' $FORBIDDEN_SET");
        $nbEnr = mysql_fetch_array($result);
        $album_count = $nbEnr[0];
        mysql_free_result($result);

        // Number of comments authored by the user, and the highest msg_id among them.
        $result = db_query("SELECT count(*), MAX(msg_id) FROM {$CONFIG['TABLE_COMMENTS']} as c, {$CONFIG['TABLE_PICTURES']} as p WHERE c.pid = p.pid AND author_id = '$uid' $FORBIDDEN_SET");
        $nbEnr = mysql_fetch_array($result);
        $comment_count = $nbEnr[0];
        $lastcom_id = $nbEnr[1];
        mysql_free_result($result);

        $lastcom = '';
        if ($comment_count) {
            // Load the comment with the highest msg_id together with its picture row.
            $sql = "SELECT filepath, filename, url_prefix, pwidth, pheight, msg_author, UNIX_TIMESTAMP(msg_date) as msg_date, msg_body " .
                "FROM {$CONFIG['TABLE_COMMENTS']} AS c, {$CONFIG['TABLE_PICTURES']} AS p " .
                "WHERE msg_id='" . $lastcom_id . "' AND c.pid = p.pid";
            $result = db_query($sql);
            // The result set is freed only when a row was found.
            if (mysql_num_rows($result)) {
                $row = mysql_fetch_array($result);
                mysql_free_result($result);
                $pic_url = get_pic_url($row, 'thumb');
                // For files is_image() rejects, take the dimensions from the thumbnail itself.
                if (!is_image($row['filename'])) {
                    $image_info = getimagesize($pic_url);
                    $row['pwidth'] = $image_info[0];
                    $row['pheight'] = $image_info[1];
                }
                $image_size = compute_img_size($row['pwidth'], $row['pheight'], $CONFIG['thumb_width']);
                $mime_content = get_type($row['filename']);
                // The markup inside the string literals below is missing from this copy
                // of the file; the literals (including the one spanning a line break)
                // are kept as found.
                $lastcom = '';
                $lastcom = '' . '' . $lastcom . '
';
                // NOTE(review): msg_author and msg_body are concatenated without any
                // escaping visible here; confirm both are HTML-encoded when stored,
                // otherwise encode them at this point.
                $lastcom .= "" . $row['msg_author'] . '' . "" . localised_date($row['msg_date'], $lastcom_date_fmt) . '' . "" . $row['msg_body'] . '';
            }
        }

        $user_thumb = '';
        if ($picture_count) {
            // Load the picture with the highest pid found above to use as thumbnail.
            $sql = "SELECT filepath, filename, url_prefix, pwidth, pheight " .
                "FROM {$CONFIG['TABLE_PICTURES']} " .
                "WHERE pid='" . $thumb_pid . "'";
            $result = db_query($sql);
            // As above, the result set is freed only when a row was found.
            if (mysql_num_rows($result)) {
                $picture = mysql_fetch_array($result);
                mysql_free_result($result);
                $pic_url = get_pic_url($picture, 'thumb');
                if (!is_image($picture['filename'])) {
                    $image_info = getimagesize($pic_url);
                    $picture['pwidth'] = $image_info[0];
                    $picture['pheight'] = $image_info[1];
                }
                $image_size = compute_img_size($picture['pwidth'], $picture['pheight'], $CONFIG['thumb_width']);
                $mime_content = get_type($picture['filename']);
                // Markup missing from the literals here too; kept as found.
                $user_thumb = '';
                $user_thumb = '' . '' . $user_thumb . '';
            }
        }

        // Empty when neither a thumbnail nor a last comment was produced.
        $quick_jump = ($user_thumb . $lastcom) ? '' . $user_thumb . $lastcom . '
' : '';

        // NOTE(review): location, interests and occupation are user-supplied and are
        // passed through unchanged; make_clickable() is defined elsewhere (presumably
        // it turns the URL into a link; confirm it encodes the value and restricts
        // the URL scheme). The same question applies to user_name in the page title.
        $form_data = array('username' => $user_data['user_name'],
            'reg_date' => localised_date($user_data['user_regdate'], $register_date_fmt),
            'group' => $user_data['group_name'],
            'location' => $user_data['user_location'],
            'interests' => $user_data['user_interests'],
            'website' => make_clickable($user_data['user_website']),
            'occupation' => $user_data['user_occupation'],
            'user_thumb' => $quick_jump,
            );

        $title = sprintf($lang_register_php['x_s_profile'], $user_data['user_name']);
        pageheader($title);
        starttable(-1, $title, 2);
        make_form($display_profile_form_param, $form_data);
        endtable();
        pagefooter();
        ob_end_flush();
        break;
}

?>