<?php
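/**
 * Save the account form (name, e-mail, postal address, phone) to the
 * logged-in user's row in `users`.
 *
 * The row is selected by $_SESSION['USERID'], never by a caller-supplied id.
 * Every value is escaped here, where the SQL text is built, so the statement
 * stays well-formed whatever the form fields contain.
 *
 * NOTE(review): if a call site already escapes these values (or relies on
 * magic quotes), remove that there, otherwise doubled backslashes get stored.
 * NOTE(review): this writes column ZIP while FUNCT_USER_ACCOUNT() reads
 * $row['ZIPCODE']; confirm which name the schema actually uses.
 *
 * @param string $fname Value for FIRSTNAME.
 * @param string $lname Value for LASTNAME.
 * @param string $eml   Value for EMAIL.
 * @param string $addy  Value for ADDRESS.
 * @param string $cty   Value for CITY.
 * @param string $stte  Value for STATE.
 * @param string $zp    Value for ZIP.
 * @param string $phne  Value for PHONE.
 * @return string $usersfuncmsg43 when MySQL reports an error, else $usersfuncmsg42.
 */
function FUNCT_USER_ACCOUNT_ADDDB($fname='',$lname='',$eml='',$addy='',$cty='',$stte='',$zp='',$phne=''){
    // $usersfuncmsg42/43 were undefined in this scope, so the function always
    // returned null. The other functions in this file obtain their
    // $usersfuncmsgN texts through these two includes; do the same here.
    include("includes/config.inc.php");
    include("language/language.".$language.".php");

    // The id is interpolated unquoted, so force it to an integer.
    $userid = isset($_SESSION['USERID']) ? (int) $_SESSION['USERID'] : 0;

    $columns = array(
        'FIRSTNAME' => $fname,
        'LASTNAME'  => $lname,
        'EMAIL'     => $eml,
        'ADDRESS'   => $addy,
        'CITY'      => $cty,
        'STATE'     => $stte,
        'ZIP'       => $zp,
        'PHONE'     => $phne,
    );
    $assignments = array();
    foreach ($columns as $column => $value) {
        $assignments[] = $column.'="'.mysql_real_escape_string($value).'"';
    }

    $sql = 'UPDATE users SET '.implode(',', $assignments).' WHERE USERID = '.$userid.' LIMIT 1';
    mysql_query($sql);

    if (mysql_errno()) {
        return $usersfuncmsg43;
    }
    return $usersfuncmsg42;
}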
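/**
 * Build the "account" edit form for the logged-in user, pre-filled from the
 * user's row in `users`.
 *
 * Stored values are HTML-escaped before they are placed in the value="..."
 * attributes: they originate from earlier form submissions, so a quote or a
 * tag in a stored field must not be able to close the attribute and inject
 * markup. The $usersfuncmsgN labels come from the language file and are
 * emitted as-is.
 *
 * NOTE(review): htmlspecialchars() uses PHP's default charset here; confirm
 * it matches the encoding the site serves.
 * NOTE(review): $language is presumably set by config.inc.php; it selects
 * the language file that is included, so it must never be request-derived.
 *
 * @return string The form HTML (with %URL% still to be expanded), or
 *                $usersfuncmsg41 on a database error, or $usersfuncmsg40
 *                when no row exists for the session user.
 */
function FUNCT_USER_ACCOUNT(){
    include("includes/config.inc.php");
    include("language/language.".$language.".php");

    // The id is interpolated unquoted, so force it to an integer.
    $userid = isset($_SESSION['USERID']) ? (int) $_SESSION['USERID'] : 0;
    $result = mysql_query('SELECT * FROM users WHERE USERID = '.$userid.' LIMIT 1');
    if (mysql_errno()) {
        return $usersfuncmsg41;
    }
    if (mysql_num_rows($result) <= 0) {
        return $usersfuncmsg40;
    }

    $row = mysql_fetch_array($result);

    // Escape once, up front, so no raw column value can reach the markup below.
    $safe = array();
    foreach (array('FIRSTNAME','LASTNAME','EMAIL','ADDRESS','CITY','STATE','ZIPCODE','PHONE') as $column) {
        $safe[$column] = isset($row[$column]) ? htmlspecialchars($row[$column], ENT_QUOTES) : '';
    }

    // The e-mail cell previously ended with an opening <td> instead of </td>.
    $useracct = '<form method="post" action="%URL%users/account">
<table width="100%" border="0" cellspacing="0" cellpadding="4">
<tr>
<td align="left">'.$usersfuncmsg1.'<br /><input type="text" name="firstname" value="'.$safe['FIRSTNAME'].'" style="padding:2px 2px 2px 0;width:100%" /></td>
<td align="left">'.$usersfuncmsg2.'<br /><input type="text" name="lastname" value="'.$safe['LASTNAME'].'" style="padding:2px 2px 2px 0;width:100%" /></td>
</tr>
<tr>
<td colspan="2" align="left">'.$usersfuncmsg3.'<br /><input type="text" name="email" value="'.$safe['EMAIL'].'" style="padding:2px 2px 2px 0;width:65%" /></td>
</tr>
<tr>
<td colspan="2" align="left">'.$usersfuncmsg4.'<br /><input type="text" name="address" value="'.$safe['ADDRESS'].'" style="padding:2px 2px 2px 0;width:100%" /></td>
</tr>
<tr>
<td align="left">'.$usersfuncmsg5.'<br /><input type="text" name="city" value="'.$safe['CITY'].'" style="padding:2px 0 2px 0;width:100%" /></td>
<td align="left">'.$usersfuncmsg6.'<br /><input type="text" name="state" value="'.$safe['STATE'].'" style="padding:2px 2px 2px 0;width:100%" /></td>
</tr>
<tr>
<td align="left">'.$usersfuncmsg7.'<br /><input type="text" name="zipcode" value="'.$safe['ZIPCODE'].'" style="padding:2px 2px 2px 0;width:100%" /></td>
<td align="left">'.$usersfuncmsg8.'<br /><input type="text" name="phone" value="'.$safe['PHONE'].'" style="padding:2px 2px 2px 0;width:100%" /></td>
</tr>
<tr>
<td colspan="2" align="right"><input type="submit" name="acctbtn" value="'.$usersfuncmsg9.'" style="padding:2px 25px 2px 25px;" /></td>
</tr>
</table></form>';

    return $useracct;
}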
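/**
 * Update the logged-in user's row in `public_profile`, optionally replacing
 * or clearing the stored profile picture.
 *
 * All text values (including $_SESSION['USERNAME']) are escaped where the
 * SQL is built, and the session id is cast to an integer, so field content
 * cannot alter the statement.
 *
 * Picture handling:
 *  - $dpix == 'delpic' clears IMAGE;
 *  - otherwise an upload is accepted only if PHP itself received it
 *    (is_uploaded_file), its extension is jpg/jpeg/png/gif and it is no
 *    larger than $max_img_size KiB.
 * A rejected picture no longer goes unreported: the other fields are still
 * saved, but the rejection message is returned instead of the success text
 * (previously it was always overwritten after the query).
 *
 * NOTE(review): the extension check says nothing about the file's content;
 * confirm that image.php serves IMAGE with a fixed image content type, or
 * validate the bytes (e.g. getimagesize()) before storing.
 * NOTE(review): if call sites already escape the text values, remove that
 * there to avoid storing doubled backslashes.
 *
 * @param string       $dpix       'delpic' to clear the stored picture.
 * @param array|string $image      Upload entry with name/tmp_name/type keys
 *                                 (presumably $_FILES['uimage']); '' for none.
 * @param string       $ulocation  Value for LOCATION.
 * @param string       $uinterests Value for INTERESTS.
 * @param string       $uhobbies   Value for HOBBIES.
 * @param string       $uwebsite   Value for WEBSITE.
 * @param string       $uportfolio Value for PORTFOLIO.
 * @param string       $ubday      Value for BDAY.
 * @param string       $uaim       Value for AIM.
 * @param string       $uicq       Value for ICQ.
 * @param string       $uyim       Value for YIM.
 * @param string       $umsn       Value for MSN.
 * @param string       $ugtalk     Value for GTALK.
 * @param string       $uisenab    Value for ISACTIVE ('enabled' selects the
 *                                 "enabled" success message).
 * @return string Status text from the language file.
 */
function FUNCT_USER_PROFILE_UPDATEDB($dpix='',$image='',$ulocation='',$uinterests='',$uhobbies='',$uwebsite='',$uportfolio='',$ubday='',$uaim='',$uicq='',$uyim='',$umsn='',$ugtalk='',$uisenab=''){
    include("includes/config.inc.php");
    include("language/language.".$language.".php");

    $addimage = '';
    $imagerejected = false;
    $imagemsg = '';

    // $image defaults to '', so make sure it is an upload entry before indexing it.
    $hasupload = is_array($image)
        && isset($image['name'], $image['tmp_name'], $image['type'])
        && strlen($image['name']) > 0
        && strlen($image['tmp_name']) > 0
        && strlen($image['type']) > 0;

    if ($dpix == 'delpic') {
        $addimage = ',IMAGE=""';
    } elseif ($hasupload && is_uploaded_file($image['tmp_name'])) {
        // is_uploaded_file(): only read a file PHP received in this request,
        // never an arbitrary path that happens to be in tmp_name.
        $extension = strtolower(getExtension(stripslashes($image['name'])));
        if (!in_array($extension, array('jpg', 'jpeg', 'png', 'gif'), true)) {
            $imagerejected = true;
            $imagemsg = $usersfuncmsg10;
        } elseif (filesize($image['tmp_name']) > $max_img_size*1024) {
            $imagerejected = true;
            $imagemsg = $usersfuncmsg11;
        } else {
            $data = file_get_contents($image['tmp_name']);
            // An unreadable upload leaves the stored picture untouched
            // instead of overwriting it with an empty value.
            if ($data !== false) {
                $addimage = ',IMAGE="'.mysql_real_escape_string($data).'"';
            }
        }
    }

    // The id is interpolated unquoted, so force it to an integer.
    $userid = isset($_SESSION['USERID']) ? (int) $_SESSION['USERID'] : 0;
    $username = isset($_SESSION['USERNAME']) ? $_SESSION['USERNAME'] : '';

    $fields = array(
        'LOCATION'  => $ulocation,
        'INTERESTS' => $uinterests,
        'HOBBIES'   => $uhobbies,
        'WEBSITE'   => $uwebsite,
        'PORTFOLIO' => $uportfolio,
        'BDAY'      => $ubday,
        'AIM'       => $uaim,
        'ICQ'       => $uicq,
        'YIM'       => $uyim,
        'MSN'       => $umsn,
        'GTALK'     => $ugtalk,
        'ISACTIVE'  => $uisenab,
    );
    $set = 'USERID='.$userid.',USERNAME="'.mysql_real_escape_string($username).'"'.$addimage;
    foreach ($fields as $column => $value) {
        $set .= ','.$column.'="'.mysql_real_escape_string($value).'"';
    }

    mysql_query('UPDATE public_profile SET '.$set.' WHERE USERID='.$userid.' LIMIT 1');

    if (mysql_errno()) {
        return $usersfuncmsg12;
    }
    if ($imagerejected) {
        return $imagemsg;
    }
    if ($uisenab == 'enabled') {
        return $usersfuncmsg13;
    }
    return $usersfuncmsg14;
}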
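/**
 * Insert a `public_profile` row for the logged-in user, optionally with a
 * profile picture.
 *
 * All text values (including $_SESSION['USERNAME']) are escaped where the
 * SQL is built, and the session id is cast to an integer, so field content
 * cannot alter the statement.
 *
 * A picture is stored only if PHP itself received it (is_uploaded_file),
 * its extension is jpg/jpeg/png/gif and it is no larger than $max_img_size
 * KiB. A rejected picture no longer goes unreported: the row is still
 * inserted without it, but the rejection message is returned instead of the
 * success text (previously it was always overwritten after the query).
 *
 * NOTE(review): the extension check says nothing about the file's content;
 * confirm that image.php serves IMAGE with a fixed image content type, or
 * validate the bytes (e.g. getimagesize()) before storing.
 * NOTE(review): if call sites already escape the text values, remove that
 * there to avoid storing doubled backslashes.
 *
 * @param array|string $image      Upload entry with name/tmp_name/type keys
 *                                 (presumably $_FILES['uimage']).
 * @param string       $ulocation  Value for LOCATION.
 * @param string       $uinterests Value for INTERESTS.
 * @param string       $uhobbies   Value for HOBBIES.
 * @param string       $uwebsite   Value for WEBSITE.
 * @param string       $uportfolio Value for PORTFOLIO.
 * @param string       $ubday      Value for BDAY.
 * @param string       $uaim       Value for AIM.
 * @param string       $uicq       Value for ICQ.
 * @param string       $uyim       Value for YIM.
 * @param string       $umsn       Value for MSN.
 * @param string       $ugtalk     Value for GTALK.
 * @param string       $uisenab    Value for ISACTIVE ('enabled' selects the
 *                                 "enabled" success message).
 * @return string Status text from the language file.
 */
function FUNCT_USER_PROFILE_ADDDB($image,$ulocation,$uinterests,$uhobbies,$uwebsite,$uportfolio,$ubday,$uaim,$uicq,$uyim,$umsn,$ugtalk,$uisenab){
    include("includes/config.inc.php");
    include("language/language.".$language.".php");

    $addimage = '';
    $imagerejected = false;
    $imagemsg = '';

    // Make sure $image is an upload entry before indexing it.
    $hasupload = is_array($image)
        && isset($image['name'], $image['tmp_name'], $image['type'])
        && strlen($image['name']) > 0
        && strlen($image['tmp_name']) > 0
        && strlen($image['type']) > 0;

    // is_uploaded_file(): only read a file PHP received in this request,
    // never an arbitrary path that happens to be in tmp_name.
    if ($hasupload && is_uploaded_file($image['tmp_name'])) {
        $extension = strtolower(getExtension(stripslashes($image['name'])));
        if (!in_array($extension, array('jpg', 'jpeg', 'png', 'gif'), true)) {
            $imagerejected = true;
            $imagemsg = $usersfuncmsg10;
        } elseif (filesize($image['tmp_name']) > $max_img_size*1024) {
            $imagerejected = true;
            $imagemsg = $usersfuncmsg11;
        } else {
            $data = file_get_contents($image['tmp_name']);
            if ($data !== false) {
                $addimage = mysql_real_escape_string($data);
            }
        }
    }

    // The id is interpolated unquoted, so force it to an integer.
    $userid = isset($_SESSION['USERID']) ? (int) $_SESSION['USERID'] : 0;
    $username = isset($_SESSION['USERNAME']) ? $_SESSION['USERNAME'] : '';

    // $addimage is already escaped above; everything else is escaped here.
    $values = array('"'.mysql_real_escape_string($username).'"', '"'.$addimage.'"');
    foreach (array($ulocation, $uinterests, $uhobbies, $uwebsite, $uportfolio, $ubday, $uaim, $uicq, $uyim, $umsn, $ugtalk, $uisenab) as $value) {
        $values[] = '"'.mysql_real_escape_string($value).'"';
    }

    mysql_query('INSERT INTO public_profile (USERID,USERNAME,IMAGE,LOCATION,INTERESTS,HOBBIES,WEBSITE,PORTFOLIO,BDAY,AIM,ICQ,YIM,MSN,GTALK,ISACTIVE)
VALUES ('.$userid.','.implode(',', $values).')');

    if (mysql_errno()) {
        return $usersfuncmsg15;
    }
    if ($imagerejected) {
        return $imagemsg;
    }
    if ($uisenab == 'enabled') {
        return $usersfuncmsg16;
    }
    return $usersfuncmsg17;
}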
/**
 * Return the text after the last "." in a file name.
 *
 * Yields "" when the name has no dot, and also when the only dot is the
 * first character (a name such as ".htaccess"). The case of the extension
 * is left as given; callers lower-case it themselves.
 *
 * @param string $str File name to inspect.
 * @return string The extension without the dot, or "".
 */
function getExtension($str) {
    $dotpos = strrpos($str, ".");
    // false = no dot at all, 0 = dot in first position: both mean "no extension".
    if ($dotpos === false || $dotpos === 0) {
        return "";
    }
    return substr($str, $dotpos + 1);
}
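/**
 * Build the logged-in user's action menu (profile, account, password,
 * messages, logout).
 *
 * The user name from the session is HTML-escaped before it is placed in the
 * heading: it is account data chosen by a user, so markup in it must be
 * shown as text rather than interpreted. The $usersfuncmsgN labels come from
 * the language file and are emitted as-is.
 *
 * NOTE(review): htmlspecialchars() uses PHP's default charset here; confirm
 * it matches the encoding the site serves.
 *
 * @return string Menu HTML with %URL% placeholders still to be expanded.
 */
function FUNCT_USER_MENU(){
    include("includes/config.inc.php");
    include("language/language.".$language.".php");

    $username = isset($_SESSION['USERNAME']) ? htmlspecialchars($_SESSION['USERNAME'], ENT_QUOTES) : '';

    $usermenu = '
<p align="left">'.$usersfuncmsg39.'</p>
<h2 align="left"> '.$username.'</h2>
<hr width="80%" style="margin-top:10px;margin-bottom:10px;">
<table width="100%" border="0" cellpadding="4" cellspacing="0">
<tr>
<td>
<a href="%URL%users/profile" title="'.$usersfuncmsg18.'">'.$usersfuncmsg18.'</a>
</td>
</tr>
<tr>
<td>
<a href="%URL%users/account" title="'.$usersfuncmsg19.'">'.$usersfuncmsg19.'</a>
</td>
</tr>
<tr>
<td>
<a href="%URL%users/password" title="'.$usersfuncmsg20.'">'.$usersfuncmsg20.'</a>
</td>
</tr>
<tr>
<td>
<a href="%URL%users/messages" title="'.$usersfuncmsg21.'">'.$usersfuncmsg21.'</a>
</td>
</tr>
<tr>
<td>
<a href="%URL%logout" title="'.$usersfuncmsg22.'">'.$usersfuncmsg22.'</a>
</td>
</tr>
</table>';
    return $usermenu;
}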
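/**
 * Build the public-profile edit form for the logged-in user, pre-filled from
 * the user's row in `public_profile` (blank when no row exists yet).
 *
 * Changes relative to the earlier version:
 *  - stored profile values and the session user name are HTML-escaped before
 *    they are placed in attributes or <textarea> bodies, so stored markup or
 *    quotes cannot break out of the field they are shown in;
 *  - the session user id is cast to an integer for the SQL and the image URL;
 *  - the query no longer ends in "or die(mysql_error())", which printed the
 *    raw database error to the visitor and made the $usersfuncmsg23 branch
 *    below unreachable.
 *
 * NOTE(review): htmlspecialchars() uses PHP's default charset here; confirm
 * it matches the encoding the site serves.
 *
 * @return string Form HTML with %URL% placeholders still to be expanded, or
 *                $usersfuncmsg23 on a database error.
 */
function FUNCT_PROFILE(){
    include("includes/config.inc.php");
    include("language/language.".$language.".php");

    $userid = isset($_SESSION['USERID']) ? (int) $_SESSION['USERID'] : 0;
    $username = isset($_SESSION['USERNAME']) ? htmlspecialchars($_SESSION['USERNAME'], ENT_QUOTES) : '';
    $userpix = '<img src="%URL%image.php?img='.$userid.'" alt="'.$username.'">';

    $row = array();
    $ischecked = '';
    $result = mysql_query('SELECT * FROM public_profile WHERE USERID ='.$userid.' LIMIT 1');
    if (mysql_errno()) {
        return $usersfuncmsg23;
    }

    if (mysql_num_rows($result) > 0) {
        $row = mysql_fetch_array($result);
        if ($row['ISACTIVE'] == 'enabled') {
            $ischecked = 'CHECKED';
        }
    }

    // Escape once, up front; a missing row or NULL column becomes ''.
    $safe = array();
    foreach (array('LOCATION','INTERESTS','HOBBIES','WEBSITE','PORTFOLIO','BDAY','AIM','ICQ','YIM','MSN','GTALK') as $column) {
        $safe[$column] = isset($row[$column]) ? htmlspecialchars($row[$column], ENT_QUOTES) : '';
    }

    $userfrm = '<form enctype="multipart/form-data" method="post" action="%URL%users/profile">
<table width="100%" border="0" cellpadding="4" cellspacing="0" class="userfrm">
<tr>
<td colspan="2" align="center">'.$userpix.'<br /><br />
<center>
<input style="width:30px" type="checkbox" id="delpic" name="delpic" value="delpic" /><label for="delpic">'.$usersfuncmsg24.'</label>
<br />
<input type="file" name="uimage" />
</center>
<p align="left"><span style="font-size:.75em;font-style:italic;">'.$max_img_size.$usersfuncmsg25.'</span></p><br /></td>
</tr>
<tr>
<td align="left" class="userfrmlft">'.$usersfuncmsg26.'</td><td><input type="text" name="location" value="'.$safe['LOCATION'].'" /></td>
</tr>
<tr>
<td align="left" class="userfrmlft">'.$usersfuncmsg27.'</td><td><textarea name="interests">'.$safe['INTERESTS'].'</textarea></td>
</tr>
<tr>
<td align="left" class="userfrmlft">'.$usersfuncmsg28.'</td><td><textarea name="hobbies">'.$safe['HOBBIES'].'</textarea></td>
</tr>
<tr>
<td align="left" class="userfrmlft">'.$usersfuncmsg29.'</td><td><input type="text" name="website" value="'.$safe['WEBSITE'].'" /></td>
</tr>
<tr>
<td align="left" class="userfrmlft">'.$usersfuncmsg30.'</td><td><input type="text" name="portfolio" value="'.$safe['PORTFOLIO'].'" /></td>
</tr>
<tr>
<td align="left" class="userfrmlft">'.$usersfuncmsg31.'</td><td><input type="text" name="bday" value="'.$safe['BDAY'].'" /></td>
</tr>
<tr>
<td align="left" class="userfrmlft">'.$usersfuncmsg32.'</td><td><input type="text" name="aim" value="'.$safe['AIM'].'" /></td>
</tr>
<tr>
<td align="left" class="userfrmlft">'.$usersfuncmsg33.'</td><td><input type="text" name="icq" value="'.$safe['ICQ'].'" /></td>
</tr>
<tr>
<td align="left" class="userfrmlft">'.$usersfuncmsg34.'</td><td><input type="text" name="yim" value="'.$safe['YIM'].'" /></td>
</tr>
<tr>
<td align="left" class="userfrmlft">'.$usersfuncmsg35.'</td><td><input type="text" name="msn" value="'.$safe['MSN'].'" /></td>
</tr>
<tr>
<td align="left" class="userfrmlft">'.$usersfuncmsg36.'</td><td><input type="text" name="gtalk" value="'.$safe['GTALK'].'" /></td>
</tr>
<tr>
<td align="left" class="userfrmlft">'.$usersfuncmsg37.'</td><td><input type="CHECKBOX" name="isenab" value="enabled" '.$ischecked.' /></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="updatebtn" value="'.$usersfuncmsg38.'" class="userfrmbtn" /></td>
</tr>
</table>
</form>';

    return $userfrm;
}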
/**
 * Expand the template placeholders in a page.
 *
 * %USERMENU% and %USERACTIONMENU% become the output of USER_MENU_SPAN() and
 * FUNCT_USER_MENU() when $_SESSION['loggedon'] is set and truthy, and are
 * blanked otherwise. %SITENAME%, %URL% and %STATUSMSG% are then replaced
 * with $sitename, $url and $statmsg (presumably supplied by the included
 * config/language files). The menus are substituted first, so the %URL%
 * tokens they contain are expanded by the later step.
 *
 * @param string $wpage Page text containing placeholders.
 * @return string The page with the placeholders replaced.
 */
function USER_PAGE_PROCESSING($wpage){
    include("includes/config.inc.php");
    include("language/language.".$language.".php");

    $isloggedon = isset($_SESSION['loggedon']) && ($_SESSION['loggedon'] == true);

    // The menu builders are only called when their placeholder is present.
    if (strpos($wpage, "%USERMENU%") !== false) {
        $wpage = str_replace('%USERMENU%', $isloggedon ? USER_MENU_SPAN() : '', $wpage);
    }
    if (strpos($wpage, "%USERACTIONMENU%") !== false) {
        $wpage = str_replace('%USERACTIONMENU%', $isloggedon ? FUNCT_USER_MENU() : '', $wpage);
    }

    if (strpos($wpage, "%SITENAME%") !== false) {
        $wpage = str_replace('%SITENAME%', $sitename, $wpage);
    }
    if (strpos($wpage, "%URL%") !== false) {
        $wpage = str_replace('%URL%', $url, $wpage);
    }
    // When the token is absent there is nothing to replace, so the page is
    // returned unchanged in that case.
    if (strpos($wpage, "%STATUSMSG%") !== false) {
        $wpage = str_replace('%STATUSMSG%', $statmsg, $wpage);
    }

    return $wpage;
}
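/**
 * Strip all tags except an allowed list, then remove "javascript:" text and
 * the listed event-handler attributes from the tags that remain.
 *
 * The earlier version did the per-tag clean-up with preg_replace() and the
 * /e modifier, which evaluates the replacement as PHP code for every match.
 * That modifier is deprecated since PHP 5.5 and removed in PHP 7, and running
 * eval-style code over user-supplied markup is an unnecessary risk. The same
 * transformation is now done with preg_split() and an ordinary loop, with no
 * code evaluation.
 *
 * NOTE(review): this is a deny-list. It only knows the handler names passed
 * in and only matches quoted attribute values, so treat it as best-effort
 * clean-up and still HTML-escape the result wherever it is not meant to be
 * rendered as markup.
 *
 * @param string   $sSource             Markup to clean.
 * @param string[] $aAllowedTags        Tags handed to strip_tags() as the allowed list.
 * @param string[] $aDisabledAttributes Attribute names whose quoted assignments are
 *                                      removed (joined unquoted into a regex alternation).
 * @return string|null Cleaned markup; null if the tag split fails, as
 *                     preg_replace() returned on error before.
 */
function strip_tags_attributes($sSource, $aAllowedTags = array('<center>','</center>','<br />', '<br>', '<strong>','</strong>','<hr>','<p>','</p>', '<i>','</i>','<h2>','</h2>','<h1>','<h2>','<ul>','</ul>','<li>','</li>'), $aDisabledAttributes = array('onclick', 'ondblclick', 'onkeydown', 'onkeypress', 'onkeyup', 'onload', 'onmousedown', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onunload'))
{
    $sStripped = strip_tags($sSource, implode('', $aAllowedTags));
    if (empty($aDisabledAttributes)) {
        return $sStripped;
    }

    // Same three inner patterns the /e replacement used.
    $aPatterns = array(
        '/javascript:[^"\']*/i',
        '/(' . implode('|', $aDisabledAttributes) . ')=["\'][^"\']*["\']/i',
        '/\s+/',
    );
    $aReplacements = array('', '', ' ');

    // With DELIM_CAPTURE the result alternates: text, tag content, text, ...
    // so every odd index holds what was between "<" and ">".
    $aParts = preg_split('/<(.*?)>/i', $sStripped, -1, PREG_SPLIT_DELIM_CAPTURE);
    if ($aParts === false) {
        return null;
    }

    $sResult = '';
    foreach ($aParts as $iIndex => $sPart) {
        if ($iIndex % 2 === 1) {
            // stripslashes() is kept so the output matches the old behaviour.
            $sPart = '<' . preg_replace($aPatterns, $aReplacements, stripslashes($sPart)) . '>';
        }
        $sResult .= $sPart;
    }
    return $sResult;
}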
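/**
 * Check whether an e-mail address is free for the logged-in user to use.
 *
 * Despite the name, the result is TRUE when no *other* account (USERID
 * different from the session user) has this address, and FALSE when one
 * does. Callers rely on that polarity, so it is unchanged.
 *
 * The address is escaped where the SQL is built and the session id is cast
 * to an integer, so the value cannot alter the statement. A failed query no
 * longer prints mysql_error() to the visitor and halts; the error is written
 * to the server log and the address is reported as not available (FALSE),
 * which is the cautious answer when the lookup could not be performed.
 *
 * @param string $email Address to look up.
 * @return bool TRUE if no other user has the address, FALSE otherwise or on error.
 */
function registeredEmail($email){
    // The id is interpolated unquoted, so force it to an integer.
    $userid = isset($_SESSION['USERID']) ? (int) $_SESSION['USERID'] : 0;

    $sql = 'SELECT * FROM users WHERE users.EMAIL = "'.mysql_real_escape_string($email).'" AND USERID NOT LIKE '.$userid.' LIMIT 5';
    $result = mysql_query($sql);
    if ($result === false) {
        error_log('registeredEmail: lookup failed: '.mysql_error());
        return false;
    }

    return !(mysql_num_rows($result) > 0);
}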
/**
 * Validate the shape of an e-mail address and confirm that its domain
 * resolves in DNS.
 *
 * The address is split at the last "@". It is rejected when:
 *  - there is no "@";
 *  - the local part is empty or longer than 64 bytes;
 *  - the domain is empty or longer than 255 bytes;
 *  - the local part starts or ends with ".", or contains "..";
 *  - the domain has characters other than letters, digits, "-" and ".",
 *    or contains "..";
 *  - the local part (with doubled backslashes removed) matches neither the
 *    unquoted nor the quoted-string pattern;
 *  - the domain has neither an MX nor an A record.
 * The DNS lookup is only made once every syntactic check has passed.
 *
 * @param string $email Address to check.
 * @return bool TRUE when every check passes.
 */
function validEmail($email){
    $atIndex = strrpos($email, "@");
    if ($atIndex === false) {
        return false;
    }

    $local = substr($email, 0, $atIndex);
    $domain = substr($email, $atIndex+1);
    $localLen = strlen($local);
    $domainLen = strlen($domain);

    if ($localLen < 1 || $localLen > 64) {
        return false;
    }
    if ($domainLen < 1 || $domainLen > 255) {
        return false;
    }
    if ($local[0] == '.' || $local[$localLen-1] == '.') {
        return false;
    }
    if (preg_match('/\\.\\./', $local)) {
        return false;
    }
    if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain)) {
        return false;
    }
    if (preg_match('/\\.\\./', $domain)) {
        return false;
    }

    // The local part must be either a plain atom sequence or a quoted string.
    $unescapedLocal = str_replace("\\\\","",$local);
    $isPlain = preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/', $unescapedLocal);
    if (!$isPlain && !preg_match('/^"(\\\\"|[^"])+"$/', $unescapedLocal)) {
        return false;
    }

    // Network lookup last: only syntactically valid addresses reach DNS.
    return checkdnsrr($domain,"MX") || checkdnsrr($domain,"A");
}
?>