<?
/**********************************************************************************
* *
* write_profile.php *
* ------------------- *
* *
* Program : EverQuest Roster/Gallery v1.7b1 *
* Copyright : (C) 2001 - 2002 BladeTek Internet Services & *
* The EQRG Developement Team *
* Website : http://eqcode.roleplayersinteraction.com *
* Support Website : http://www.sourceforge.net/projects/eqrostergallery *
* Email : hide@address.com *
* *
* For license information, please read the documents directory which *
* came with this edition *
* *
**********************************************************************************/
function edit_profile($id, $vars) {
global $SESSION;
$query = "select id, login, passwd";
$query .= " from users";
$query .= " where id = $id";
query_db($query, $check_user);
if (!$SESSION["uid"]) {
$err = "You must be logged in to edit your profile.";
} elseif (($check_user["id"] != $SESSION["uid"]) && ($SESSION["level"] != ADMIN)) {
$err = "You do not own this profile.";
} else {
$temp = array_keys($vars);
$err = "";
$query = "";
if (!trim($vars["login"])) {
$err = ERR_ADD_USER_LOGIN_BLANK;
} elseif (eregi("[^[:alnum:]]", $vars["login"])) {
$err = ERR_ADD_USER_LOGIN_INVALID;
} elseif (!trim($vars["email"])) {
$err = ERR_ADD_USER_EMAIL_BLANK;
} elseif (validate_email(trim($vars["email"]))) {
$err = ERR_ADD_USER_EMAIL_INVALID;
}
if (!$err) {
$prof_query = "update users";
$prof_query .= " set email = '" . addslashes(trim($vars["email"])) . "', ";
$prof_query .= " timezone = '" . addslashes(trim($vars["timezone"])) . "', ";
$prof_query .= " realname = '" . addslashes(trim($vars["realname"])) . "', ";
$prof_query .= " websiteurl = '" . addslashes(trim($vars["websiteurl"])) . "', ";
$prof_query .= " yahooid = '" . addslashes(trim($vars["yahooid"])) . "', ";
$prof_query .= " icquni = '" . addslashes(trim($vars["icquni"])) . "', ";
$prof_query .= " msnuid = '" . addslashes(trim($vars["msnuid"])) . "', ";
$prof_query .= " aimuid = '" . addslashes(trim($vars["aimuid"])) . "', ";
$prof_query .= " location = '" . addslashes(trim($vars["location"])) . "', ";
$prof_query .= " occupation = '" . addslashes(trim($vars["occupation"])) . "', ";
$prof_query .= " intrests = '" . addslashes(trim($vars["intrests"])) . "', ";
$prof_query .= " skills = '" . addslashes(trim($vars["skills"])) . "', ";
$prof_query .= " biography = '" . addslashes(trim($vars["biography"])) . "', ";
$prof_query .= " update_time = unix_timestamp()";
$prof_query .= " where id = $id";
update_db($prof_query);
$query = "update users";
$query .= " set update_time = unix_timestamp()";
$query .= " where id = $id";
update_db($query);
}
}
return $err;
}
function pass_change($id, &$vars) {
global $SESSION;
$query = "select id, login, passwd";
$query .= " from users";
$query .= " where id = $id";
query_db($query, $check_user);
if (!$SESSION["uid"]) {
$err = "You must be logged in to edit your profile.";
} elseif (($check_user["id"] != $SESSION["uid"]) && ($SESSION["level"] != ADMIN)) {
$err = "You can not change someone elses password.";
} else {
if (!trim($vars["passwd"])) {
$err = "The Old password was blank.";
} elseif (!trim($vars["npasswd"])) {
$err = "The New Password cannot be blank.";
} elseif (!trim($vars["vpasswd"])) {
$err = "The Verification Password cannot be blank.";
} elseif (strcmp($vars["passwd"], $check_user["passwd"])) {
$err = "The Old Password must match the one in the database.";
} elseif (strcmp($vars["npasswd"], $vars["vpasswd"])) {
$err = "The New Password and the Verification Password must match.";
}
if (!$err) {
$prof_query = "update users";
$prof_query .= " set passwd = '" . trim($vars["npasswd"]) . "', ";
$prof_query .= " update_time = unix_timestamp()";
$prof_query .= " where id = $id";
update_db($prof_query);
}
}
return $err;
}
?>