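<?php
// User control panel (usercp) module: access guards that run before any action.
//
// The full "<?php" open tag is used instead of "<?": the short form only works
// when short_open_tag is enabled, and with it disabled the server would send
// this file's source to the browser as plain text instead of executing it.
//
// NOTE(review): the include paths interpolate $ecms->theme. This assumes the
// theme name comes from trusted site configuration and never from request
// data; confirm where it is set.

// Check if module is active
if (!moduleactive("usercp")) {
    // $message is presumably read by the error template, which shares this scope.
    $message = "This module is currently Deactivated";
    include("themes/$ecms->theme/error.php");
    exit;
}

// Check Permissions
if (!$ecms->permissions("usercp")) {
    include("themes/$ecms->theme/nopermission.php");
    exit;
}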
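// Request routing for the user control panel: q1 selects the page
// ("editpassword" or "avatar"), q2 selects the action on that page.
//
// NOTE(review): the state-changing actions (save, upload, delete) are read
// from $_REQUEST and carry no anti-CSRF token. Avatar upload and delete in
// particular need no secret from the user. Add a per-session token check and
// require POST once the theme forms can send the token.
$q1 = (isset($_REQUEST['q1']) && is_string($_REQUEST['q1'])) ? $_REQUEST['q1'] : "";
$q2 = (isset($_REQUEST['q2']) && is_string($_REQUEST['q2'])) ? $_REQUEST['q2'] : "";

if (empty($q1)) {
    include("themes/$ecms->theme/usercp/index.php");
} elseif ($q1 === "editpassword") {
    if ($q2 === "save") {
        $save = 1;
        $error = "";

        // Missing or non-string fields (e.g. "email[]=x") are treated as blank,
        // so the comparisons below always work on plain strings.
        $form = array(
            'currentpassword' => "",
            'email'           => "",
            'emailconfirm'    => "",
            'password'        => "",
            'passwordconfirm' => "",
        );
        foreach (array_keys($form) as $field) {
            if (isset($_POST[$field]) && is_string($_POST[$field])) {
                $form[$field] = $_POST[$field];
            }
        }

        // NOTE(review): passwords are stored as unsalted MD5. The format is kept
        // here only because the stored hashes (and presumably the login code)
        // depend on it; migrate to password_hash()/password_verify() in one change
        // across registration, login and this page.
        //
        // Strict comparison: with "==" two hex digests of the form "0e<digits>"
        // are compared as numbers and match each other.
        if (md5($form['currentpassword']) === (string) $user->userinfo['password']) {
            // The original "!$a == $b" negated $a before comparing and tested a
            // misspelled key ("emailconform"), so mismatches were never reported.
            if ($form['email'] !== $form['emailconfirm']) {
                $error = "Emails do not match.";
                $save = 0;
            }
            if ($form['password'] !== $form['passwordconfirm']) {
                $error .= "Passwords do not match.";
                $save = 0;
            }
        } else {
            $error .= "Incorrect Password.";
            $save = 0;
        }

        if ($save) {
            // Only fields the user actually filled in are updated. Collecting the
            // assignments in a list avoids undefined variables and stray commas
            // when just one of the two fields changes.
            $changes = array();
            if ($form['passwordconfirm'] !== "") {
                $changes[] = "password='" . md5($form['password']) . "'";
            }
            if ($form['emailconfirm'] !== "") {
                $changes[] = "email='" . $db->real_escape_string($form['email']) . "'";
            }
            if ($changes) {
                $changes[] = "lastvisit=" . time();
                // TABLE_PREFIX is applied here as in the avatar queries below; the
                // original addressed the bare "users" table in this one query only.
                $db->query(
                    "UPDATE " . TABLE_PREFIX . "users SET " . implode(", ", $changes)
                    . " WHERE uid='" . $db->real_escape_string((string) $user->userinfo['uid']) . "' LIMIT 1"
                );
            }
            $message = "Information Saved.";
            $module = "rooturl";
            include("themes/$ecms->theme/redirect.php");
        } else {
            include("themes/$ecms->theme/usercp/editpassword.php");
        }
    } else {
        include("themes/$ecms->theme/usercp/editpassword.php");
    }
} elseif ($q1 === "avatar") {
    $avatardir = "images/customavatars/";
    // basename() keeps the stored value from naming anything outside $avatardir.
    $oldavatar = basename((string) $user->userinfo['avatar']);

    if ($q2 === "upload") {
        $save = 1;
        $error = "";
        $ext = "";
        // Accepted formats, keyed by the type getimagesize() detects from the
        // file content. The browser-supplied $_FILES[...]['type'] is not used:
        // it is whatever the client chooses to send.
        $extensions = array(
            IMAGETYPE_JPEG => "jpg",
            IMAGETYPE_PNG  => "png",
            IMAGETYPE_GIF  => "gif",
            IMAGETYPE_BMP  => "bmp",
        );

        $upload = (isset($_FILES['avatar']) && is_array($_FILES['avatar'])) ? $_FILES['avatar'] : array();
        if (
            isset($upload['error'], $upload['tmp_name'])
            && $upload['error'] === UPLOAD_ERR_OK
            && is_uploaded_file($upload['tmp_name'])
        ) {
            $imageinfo = getimagesize($upload['tmp_name']);
            if ($imageinfo !== false && isset($extensions[$imageinfo[2]])) {
                $ext = $extensions[$imageinfo[2]];
            }
        }
        // NOTE(review): getimagesize() inspects the header only; the avatar
        // directory should also be configured so the server never executes
        // files from it.
        if ($ext === "") {
            $save = 0;
            $error .= "That is not a valid image file.";
        }

        if ($save) {
            // The file name is built from a restricted character set so the
            // username cannot add path separators or SQL metacharacters; the uid
            // suffix keeps names distinct after that replacement.
            $newavatar = preg_replace('/[^A-Za-z0-9_-]/', '_', (string) $user->userinfo['username'])
                . "_" . preg_replace('/[^A-Za-z0-9_-]/', '_', (string) $user->userinfo['uid'])
                . "." . $ext;
            // Store the new file first; the old avatar is removed only once the
            // new one is in place, so a failed move leaves the account unchanged.
            if (!move_uploaded_file($upload['tmp_name'], $avatardir . $newavatar)) {
                $save = 0;
                $error .= "The uploaded file could not be saved.";
            }
        }

        if ($save) {
            if ($oldavatar !== "" && $oldavatar !== $newavatar && is_file($avatardir . $oldavatar)) {
                unlink($avatardir . $oldavatar);
            }
            $db->query(
                "UPDATE " . TABLE_PREFIX . "users SET avatar='" . $db->real_escape_string($newavatar) . "'"
                . " WHERE uid='" . $db->real_escape_string((string) $user->userinfo['uid']) . "' LIMIT 1"
            );
            $message = "Avatar Uploaded";
            $module = "usercp";
            include("themes/$ecms->theme/redirect.php");
        } else {
            include("themes/$ecms->theme/usercp/avatar.php");
        }
    } elseif ($q2 === "delete") {
        // With no avatar set, the original passed the directory itself to unlink().
        if ($oldavatar !== "" && is_file($avatardir . $oldavatar)) {
            unlink($avatardir . $oldavatar);
        }
        $db->query(
            "UPDATE " . TABLE_PREFIX . "users SET avatar=''"
            . " WHERE uid='" . $db->real_escape_string((string) $user->userinfo['uid']) . "' LIMIT 1"
        );
        $message = "Avatar Deleted";
        $module = "usercp";
        include("themes/$ecms->theme/redirect.php");
    } else {
        include("themes/$ecms->theme/usercp/avatar.php");
    }
}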
?>