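<?php
/**
 * eXtreme Message Board
 * XMB 1.9.11
 *
 * Developed And Maintained By The XMB Group
 * Copyright (c) 2001-2010, The XMB Group
 * http://www.xmbforum.com
 *
 * Sponsored By iEntry, Inc.
 * http://www.ientry.com
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 **/

/*
 * Super-administrator tool for editing another member's profile.
 *
 * Without an 'editsubmit' field the script renders the edit form from the
 * admintool_editprofile template; with it, the submitted fields are written
 * back to the members row selected by the 'user' parameter.
 *
 * Review notes (security):
 *  - Templates and $lang['evaloffset'] are passed to eval(). Whoever can change
 *    what template() or the language data returns can run PHP in this request,
 *    so that storage has to be protected like source code.
 *  - NOTE(review): no anti-CSRF token is checked in this file before the
 *    state-changing branch. Confirm whether header.php enforces one; if not,
 *    this privileged form (status and password changes) needs it.
 *  - Passwords are stored as unsalted md5(); see the note at the password update.
 *  - Variable names in this script are part of the template contract (templates
 *    are eval'd in this scope), so they must not be renamed here.
 */

define('X_SCRIPT', 'editprofile.php');

require 'header.php';

loadtemplates(
'memcp_profile_avatarurl',
'memcp_profile_avatarlist',
'admintool_editprofile'
);

nav('<a href="./cp.php">'.$lang['textcp'].'</a>');
nav($lang['texteditpro']);

eval('$css = "'.template('css').'";');

eval('$header = "'.template('header').'";');

// Access control: guests are sent to the login page, everyone below
// super administrator is refused.
if (X_GUEST) {
    redirect("{$full_url}misc.php?action=login", 0);
    exit;
}

if (!X_SADMIN) {
    error($lang['superadminonly']);
    // Fail closed: everything below is privileged, so do not depend on
    // error() terminating the request (its implementation is not in this file).
    exit;
}

// Target member name. The TRUE flags presumably request HTML-encoding and
// DB-escaping from postedVar(); the value is interpolated into SQL below, so
// that escaping is what keeps the query safe. TODO confirm against postedVar().
$user = postedVar('user', '', TRUE, TRUE, FALSE, 'g');

$query = $db->query("SELECT * FROM ".X_PREFIX."members WHERE username='$user'");
if ($db->num_rows($query) != 1) {
    error($lang['nomember']);
}
$member = $db->fetch_array($query);

if (noSubmit('editsubmit')) {
    // ---- Render the edit form ------------------------------------------

    // Pre-select the member's current status; unknown values show as Member.
    $sadminselect = $adminselect = $smodselect = '';
    $modselect = $memselect = $banselect = '';
    switch($member['status']) {
        case 'Super Administrator':
            $sadminselect = $selHTML;
            break;
        case 'Administrator':
            $adminselect = $selHTML;
            break;
        case 'Super Moderator':
            $smodselect = $selHTML;
            break;
        case 'Moderator':
            $modselect = $selHTML;
            break;
        case 'Member':
            $memselect = $selHTML;
            break;
        case 'Banned':
            $banselect = $selHTML;
            break;
        default:
            $memselect = $selHTML;
            break;
    }

    // customstatus is stored without HTML-encoding (see the save branch), so it
    // is encoded here before going into a form attribute.
    $custout = attrOut($member['customstatus']);

    // Checkbox states for the yes/no preferences.
    $checked = '';
    if ($member['showemail'] == 'yes') {
        $checked = $cheHTML;
    }

    $newschecked = '';
    if ($member['newsletter'] == 'yes') {
        $newschecked = $cheHTML;
    }

    $uou2uchecked = '';
    if ($member['useoldu2u'] == 'yes') {
        $uou2uchecked = $cheHTML;
    }

    $ogu2uchecked = '';
    if ($member['saveogu2u'] == 'yes') {
        $ogu2uchecked = $cheHTML;
    }

    $eouchecked = '';
    if ($member['emailonu2u'] == 'yes') {
        $eouchecked = $cheHTML;
    }

    $invchecked = '';
    if ($member['invisible'] == 1) {
        $invchecked = $cheHTML;
    }

    // Dates are shown in the viewing admin's time offset, not the member's.
    $registerdate = gmdate($dateformat, $member['regdate'] + ($addtime * 3600) + ($timeoffset * 3600));
    $lastvisitdate = gmdate($dateformat, $member['lastvisit'] + ($timeoffset * 3600) + ($addtime * 3600));
    $lastvisittime = gmdate($timecode, $member['lastvisit'] + ($timeoffset * 3600) + ($addtime * 3600));
    $lastlogdate = $lastvisitdate.' '.$lang['textat'].' '.$lastvisittime;

    $currdate = gmdate($timecode, $onlinetime + ($addtime * 3600));
    // Language-pack string executed as PHP: language data is code-equivalent.
    eval($lang['evaloffset']);

    // Theme drop-down, with the member's current theme selected.
    $themelist = array();
    $themelist[] = '<select name="thememem">';
    $themelist[] = '<option value="0">'.$lang['textusedefault'].'</option>';
    $query = $db->query("SELECT themeid, name FROM ".X_PREFIX."themes ORDER BY name ASC");
    while($themeinfo = $db->fetch_array($query)) {
        if ($themeinfo['themeid'] == $member['theme']) {
            $themelist[] = '<option value="'.intval($themeinfo['themeid']).'" '.$selHTML.'>'.stripslashes($themeinfo['name']).'</option>';
        } else {
            $themelist[] = '<option value="'.intval($themeinfo['themeid']).'">'.stripslashes($themeinfo['name']).'</option>';
        }
    }
    $themelist[] = '</select>';
    $themelist = implode("\n", $themelist);
    $db->free_result($query);

    $langfileselect = createLangFileSelect($member['langfile']);

    // bday is read as YYYY-MM-DD by fixed offsets.
    $day = intval(substr($member['bday'], 8, 2));
    $month = intval(substr($member['bday'], 5, 2));
    $year = substr($member['bday'], 0, 4);

    // $sel[0..12] holds the month drop-down selection markers.
    for($i = 0; $i <= 12; $i++) {
        $sel[$i] = '';
    }
    $sel[$month] = $selHTML;

    $dayselect = array();
    $dayselect[] = '<select name="day">';
    $dayselect[] = '<option value=""> </option>';
    for($num = 1; $num <= 31; $num++) {
        if ($day == $num) {
            $dayselect[] = '<option value="'.$num.'" '.$selHTML.'>'.$num.'</option>';
        } else {
            $dayselect[] = '<option value="'.$num.'">'.$num.'</option>';
        }
    }
    $dayselect[] = '</select>';
    $dayselect = implode("\n", $dayselect);

    $u2uasel0 = $u2uasel1 = $u2uasel2 = '';
    switch($member['u2ualert']) {
        case 2:
            $u2uasel2 = $selHTML;
            break;
        case 1:
            $u2uasel1 = $selHTML;
            break;
        case 0:
        default:
            $u2uasel0 = $selHTML;
            break;
    }

    $check12 = $check24 = '';
    if ($member['timeformat'] == 24) {
        $check24 = $cheHTML;
    } else {
        $check12 = $cheHTML;
    }

    if ($SETTINGS['sigbbcode'] == 'on') {
        $bbcodeis = $lang['texton'];
    } else {
        $bbcodeis = $lang['textoff'];
    }

    if ($SETTINGS['sightml'] == 'on') {
        $htmlis = $lang['texton'];
    } else {
        $htmlis = $lang['textoff'];
    }

    $avatar = '';
    if ($SETTINGS['avastatus'] == 'on') {
        eval('$avatar = "'.template('memcp_profile_avatarurl').'";');
    }

    if ($SETTINGS['avastatus'] == 'list') {
        $avatars = '<option value="" />'.$lang['textnone'].'</option>';
        $dir1 = opendir(ROOT.'images/avatars');
        if ($dir1 !== FALSE) {
            // Compare against FALSE explicitly: a file literally named "0" is
            // falsy and would otherwise end the listing early.
            while (($avFile = readdir($dir1)) !== FALSE) {
                if (is_file(ROOT.'images/avatars/'.$avFile) && $avFile != '.' && $avFile != '..' && $avFile != 'index.html') {
                    // NOTE(review): the file name is written into the markup
                    // unescaped; it is safe only while write access to
                    // images/avatars is restricted to trusted operators.
                    $avatars .= '<option value="./images/avatars/'.$avFile.'" />'.$avFile.'</option>';
                }
            }
            closedir($dir1);
        }
        $avatars = str_replace('value="'.$member['avatar'].'"', 'value="'.$member['avatar'].'" selected="selected"', $avatars);
        $avatarbox = '<select name="newavatar" onchange="document.images.avatarpic.src=this[this.selectedIndex].value;">'.$avatars.'</select>';
        eval('$avatar = "'.template('memcp_profile_avatarlist').'";');
    }

    $lang['searchusermsg'] = str_replace('*USER*', $member['username'], $lang['searchusermsg']);

    $member['icq'] = ($member['icq'] > 0) ? $member['icq'] : '';

    $userrecode = recodeOut($member['username']);

    eval('$editpage = "'.template('admintool_editprofile').'";');
} else {
    // ---- Save the submitted profile --------------------------------------

    // NOTE(review): the form offers six status values (see the switch in the
    // render branch), but the posted value is stored as submitted; nothing in
    // this file restricts it to that set.
    $status = postedVar('status');
    $origstatus = $member['status'];

    // Refuse to demote the only remaining super administrator.
    $query = $db->query("SELECT COUNT(uid) FROM ".X_PREFIX."members WHERE status='Super Administrator'");
    $sa_count = $db->result($query, 0);
    $db->free_result($query);
    if ($origstatus == 'Super Administrator' And $status != 'Super Administrator' And $sa_count == 1) {
        error($lang['lastsadmin']);
    }

    // Third argument FALSE: presumably stored without HTML-encoding, which is
    // why the render branch runs it through attrOut(). TODO confirm.
    $cusstatus = postedVar('cusstatus', '', FALSE);

    // Language file must exist in lang_base, otherwise the board default is used.
    $langfilenew = postedVar('langfilenew');
    $result = $db->query("SELECT devname FROM ".X_PREFIX."lang_base WHERE devname='$langfilenew'");
    if ($db->num_rows($result) == 0) {
        $langfilenew = $SETTINGS['langfile'];
    }

    // Raw $_POST values are only used after a numeric check or an int cast.
    $timeoffset1 = isset($_POST['timeoffset1']) && is_numeric($_POST['timeoffset1']) ? $_POST['timeoffset1'] : 0;
    $thememem = formInt('thememem');
    $tppnew = isset($_POST['tppnew']) ? (int) $_POST['tppnew'] : $SETTINGS['topicperpage'];
    $pppnew = isset($_POST['pppnew']) ? (int) $_POST['pppnew'] : $SETTINGS['postperpage'];

    $dateformatnew = postedVar('dateformatnew', '', FALSE, TRUE);
    $dateformattest = attrOut($dateformatnew, 'javascript');  // NEVER allow attribute-special data in the date format because it can be unescaped using the date() parser.
    if (strlen($dateformatnew) == 0 Or $dateformatnew != $dateformattest) {
        $dateformatnew = $SETTINGS['dateformat'];
    }
    unset($dateformattest);

    $timeformatnew = formInt('timeformatnew');
    if ($timeformatnew != 12 And $timeformatnew != 24) {
        $timeformatnew = $SETTINGS['timeformat'];
    }

    $saveogu2u = formYesNo('saveogu2u');
    $emailonu2u = formYesNo('emailonu2u');
    $useoldu2u = formYesNo('useoldu2u');
    $invisible = formInt('newinv');
    $showemail = formYesNo('newshowemail');
    $newsletter = formYesNo('newnewsletter');
    $u2ualert = formInt('u2ualert');
    $year = formInt('year');
    $month = formInt('month');
    $day = formInt('day');
    $bday = iso8601_date($year, $month, $day);
    $location = postedVar('newlocation', 'javascript', TRUE, TRUE, TRUE);
    // Fetched without escaping, then reduced to a positive number or 0 before use.
    $icq = postedVar('newicq', '', FALSE, FALSE);
    $icq = ($icq && is_numeric($icq) && $icq > 0) ? $icq : 0;
    $yahoo = postedVar('newyahoo', 'javascript', TRUE, TRUE, TRUE);
    $aim = postedVar('newaim', 'javascript', TRUE, TRUE, TRUE);
    $msn = postedVar('newmsn', 'javascript', TRUE, TRUE, TRUE);
    $email = postedVar('newemail', 'javascript', TRUE, TRUE, TRUE);
    $site = postedVar('newsite', 'javascript', TRUE, TRUE, TRUE);
    $bio = postedVar('newbio', 'javascript', TRUE, TRUE, TRUE);
    $mood = postedVar('newmood', 'javascript', TRUE, TRUE, TRUE);
    // With the sightml setting on, the signature is presumably stored without
    // HTML-encoding, i.e. signature HTML is rendered as markup. TODO confirm.
    $sig = postedVar('newsig', 'javascript', ($SETTINGS['sightml']=='off'), TRUE, TRUE);

    if ($SETTINGS['avastatus'] == 'on') {
        $avatar = postedVar('newavatar', 'javascript', TRUE, TRUE, TRUE);
        $rawavatar = postedVar('newavatar', '', FALSE, FALSE);

        $newavatarcheck = postedVar('newavatarcheck');

        $max_size = explode('x', $SETTINGS['max_avatar_size']);

        // Only http:// and ftp:// URLs made of a conservative character set are kept.
        if (preg_match('#^(http|ftp)://[:a-z\\./_\-0-9%~]+(\?[a-z=0-9&_\-;~]*)?$#Smi', $rawavatar) == 0) {
            $avatar = '';
        } elseif (ini_get('allow_url_fopen')) {
            if ($max_size[0] > 0 And $max_size[1] > 0 And strlen($rawavatar) > 0) {
                // NOTE(review): getimagesize() makes the server fetch the
                // submitted URL. The pattern above limits the scheme, not the
                // host, so internal addresses are reachable from here; the '@'
                // also hides fetch errors. Consider a host allow-list or an
                // egress-restricted fetcher.
                $size = @getimagesize($rawavatar);
                if ($size === FALSE) {
                    $avatar = '';
                // NOTE(review): this script only proceeds for super
                // administrators, so '!X_SADMIN' looks always false here and
                // the size limit is never enforced on this path.
                } elseif ((($size[0] > $max_size[0] && $max_size[0] > 0) || ($size[1] > $max_size[1] && $max_size[1] > 0)) && !X_SADMIN) {
                    error($lang['avatar_too_big'] . $SETTINGS['max_avatar_size'] . 'px');
                }
            }
        } elseif ($newavatarcheck == "no") {
            $avatar = '';
        }
        unset($rawavatar);
    } elseif ($SETTINGS['avastatus'] == 'list') {
        // The submitted value must exactly match a regular file that exists in
        // images/avatars; comparing against the directory listing (instead of
        // building a path from the input) keeps traversal sequences out.
        $rawavatar = postedVar('newavatar', '', FALSE, FALSE);
        $filefound = FALSE;
        $dirHandle = opendir(ROOT.'images/avatars');
        if ($dirHandle !== FALSE) {
            // Explicit FALSE comparison so a file named "0" does not stop the scan.
            while (($avFile = readdir($dirHandle)) !== FALSE) {
                if ($rawavatar == './images/avatars/'.$avFile) {
                    if (is_file(ROOT.'images/avatars/'.$avFile) && $avFile != '.' && $avFile != '..' && $avFile != 'index.html') {
                        $filefound = TRUE;
                    }
                }
            }
            closedir($dirHandle);
        }
        unset($rawavatar);
        if ($filefound) {
            $avatar = postedVar('newavatar', 'javascript', TRUE, TRUE, TRUE);
        } else {
            $avatar = '';
        }
    } else {
        $avatar = '';
    }

    // Every interpolated value comes from postedVar()/formInt()/formYesNo() or
    // from a numeric check or cast above. The statement is built by string
    // interpolation, so its safety rests entirely on those helpers escaping
    // correctly; u2ualert is unquoted and relies on formInt() returning an
    // integer (presumably; confirm against formInt()).
    $db->query("UPDATE ".X_PREFIX."members SET status='$status', customstatus='$cusstatus', email='$email', site='$site', aim='$aim', location='$location', bio='$bio', sig='$sig', showemail='$showemail', timeoffset='$timeoffset1', icq='$icq', avatar='$avatar', yahoo='$yahoo', theme='$thememem', bday='$bday', langfile='$langfilenew', tpp='$tppnew', ppp='$pppnew', newsletter='$newsletter', timeformat='$timeformatnew', msn='$msn', dateformat='$dateformatnew', mood='$mood', invisible='$invisible', saveogu2u='$saveogu2u', emailonu2u='$emailonu2u', useoldu2u='$useoldu2u', u2ualert=$u2ualert WHERE username='$user'");

    // Read the optional new password defensively: a missing field or a
    // non-string (array) value is treated as "no change".
    $newpassword = (isset($_POST['newpassword']) && is_string($_POST['newpassword'])) ? $_POST['newpassword'] : '';
    if ($newpassword) {
        // SECURITY: unsalted MD5 is not a password hash; digests taken from a
        // database leak can be reversed cheaply. It is kept here only because
        // the stored format has to match whatever the login code verifies
        // (not visible in this file). Migrating to password_hash() and
        // password_verify() has to be done across the whole code base.
        // The hex digest contains no quote characters, so the interpolation
        // below is SQL-safe.
        $newpassword = md5($newpassword);
        $db->query("UPDATE ".X_PREFIX."members SET password='$newpassword' WHERE username='$user'");
    }

    message($lang['adminprofilechange'], TRUE, '', '', $full_url.'cp.php', true, false, true);
}

end_time();
eval('$footer = "'.template('footer').'";');
echo $header, $editpage, $footer;
?>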