<?
//
// H-Tracker v0.2
// http://h-tracker.org
// Based on TorrentTrader (http://www.torrenttrader.org)
//
//
require_once("backend/functions.php");
dbconn(false);
loggedinonly();
stdhead("".USER_CP."");
function navmenu(){
?>
<BR><table align=center cellpadding=0 cellspacing=3 class="tablebg" width=100%><tr><td>
<table width=95% class="row1" align="center">
<tr>
<td width=100% align=center>
<img src='images/li.png' border='0'>
<?print("<a href=account.php><b>".MY_PROFILE."</b></a>");?>
<img src='images/li.png' border='0'>
<?print("<a href=account.php?action=edit_settings&do=edit><b>".SETT_PROFILE."</b></a>");?>
<img src='images/li.png' border='0'>
<?print("<a href=account.php?action=changepw><b>".CHANGE_PASS."</b></a>");?>
<img src='images/li.png' border='0'>
<?print("<a href=account.php?action=mytorrents><b>".MYTORRENT."</b></a>");?>
<img src='images/li.png' border='0'>
<?print("<a href=mybonus.php><b>".MYBONUS."</b></a><br>");?>
<img src='images/li.png' border='0'>
<?print("<a href=friend.php><b>".MYFRIEND."</b></a>");?>
<img src='images/li.png' border='0'>
<?print("<a href=mailbox.php><b>".ACCOUNT_MESSAGES."</b></a>");?>
<img src='images/li.png' border='0'>
<?print("<a href=invite.php><b>".ACCOUNT_INVITES."</b></a>");?>
</td></tr>
</table>
</td></tr></table>
<BR>
<?
}//end func
if (!$action){
begin_frame("".MYACCOUNT.": $CURUSER[username] (".ACCOUNT_PROFILE.")");
$usersignature = stripslashes(format_comment($CURUSER["signature"]));
$avatar = $CURUSER["avatar"];
if (!$avatar) {
$avatar = "".$site_config["SITEURL"]."/themes/$THEME/images/avatars/default_avatar.gif";
}
navmenu();
?>
<table border=0 width=100% class="row1">
<TR><TD width=95% valign=top align=left>
<img src='images/li2.gif' border='0'>
<? print("<B>".USERNAME.""); ?>:</b> <? print("" . $CURUSER["username"] . "\n"); ?><br>
<img src='images/li2.gif' border='0'>
<? print("<B>".WORD_CLASS.""); ?>:</b> <?=$CURUSER["level"] ?><br>
<img src='images/li2.gif' border='0'>
<? print("<B>".EMAIL.""); ?>:</b> <? print("" . $CURUSER["email"] . "\n"); ?><br>
<img src='images/li2.gif' border='0'>
<? print("<B>".ACCOUNT_JOINED.""); ?>:</b> <? print("" . utc_to_tz($CURUSER["added"]) . "\n"); ?><br>
<img src='images/li2.gif' border='0'>
<? print("<B>".AGE.""); ?>:</b> <? print("" . $CURUSER["age"] . "\n"); ?><br>
<img src='images/li2.gif' border='0'>
<? print("<B>".GENDER.""); ?>:</b> <? print("" . $CURUSER["gender"] . "\n"); ?><br>
<img src='images/li2.gif' border='0'>
<? print("<B>".CLIENT.""); ?>:</b> <? print("" . $CURUSER["client"] . "\n"); ?><br>
<img src='images/li2.gif' border='0'>
<? print("<B>".DONATED.""); ?>:</b> $<?print("" . $CURUSER["donated"] . "\n");?><br>
<img src='images/li2.gif' border='0'>
<? print("<B>".CUSTOMTITLE.""); ?>:</b> <? print("" . strip_tags($CURUSER["title"]) . "\n"); ?><br>
<img src='images/li2.gif' border='0'>
<? print("<B>".ACCOUNT_PRIVACY_LV.""); ?>:</b> <? print("" . $CURUSER["privacy"] . "\n"); ?><br>
<img src='images/li2.gif' border='0'>
<? print("<B>".SIGNATURE.""); ?>:</b> <?=$usersignature?><br>
<img src='images/li2.gif' border='0'>
<? print("<B>".ACCOUNT_PASSKEY.":</b> " . $CURUSER["passkey"] . "\n"); ?><br>
<img src='images/li2.gif' border='0'>
<? print("<B>".ACCOUNT_IP.":</b> " . $CURUSER["ip"] . "\n"); ?><br>
<img src='images/li2.gif' border='0'>
<? print("<B>".INVITES."</b> " . $CURUSER["invites"] . "\n"); ?><br>
<?
$compl = $CURUSER["invitees"];
$compl_list = explode(" ", $compl);
$arr = array();
foreach($compl_list as $array_list)
$arr[] = $array_list;
$compl_arr = array_reverse($arr, TRUE);
$f=0;
foreach($compl_arr as $user_id)
{
$compl_user = mysql_query("SELECT id, username FROM users WHERE id='$user_id' and status='confirmed'");
$compl_users = mysql_fetch_array($compl_user);
if ($compl_users["id"] > 0)
{
echo("<B><img src='images/li2.gif' border='0'>".INVITEES."</B>");
$compl = $CURUSER["invitees"];
$compl_list = explode(" ", $compl);
$arr = array();
foreach($compl_list as $array_list)
$arr[] = $array_list;
$compl_arr = array_reverse($arr, TRUE);
$i = 0;
foreach($compl_arr as $user_id)
{
$compl_user = mysql_query("SELECT id, username FROM users WHERE id='$user_id' and status='confirmed' ORDER BY username");
$compl_users = mysql_fetch_array($compl_user);
echo("<a href=account-details.php?id=" . $compl_users["id"] . ">" . $compl_users["username"] . "</a> ");
if ($i == "9")
break;
$i++;
}
$f = 1;
}
if ($f == "1")
break;
}
?>
</td></tr>
</table>
<BR><BR>
<?
end_frame();
}
/////////////// MY TORRENTS ///////////////////
if ($action=="mytorrents"){
begin_frame("".ACCOUNT_YOUR_TORRENTS."", center);
navmenu();
//page numbers
$page = $_GET['page'];
$perpage = 200;
$res = mysql_query("SELECT COUNT(*) FROM torrents WHERE torrents.owner = " . $CURUSER["id"] ."") or die(mysql_error());
$arr = mysql_fetch_row($res);
$pages = floor($arr[0] / $perpage);
if ($pages * $perpage < $arr[0])
++$pages;
if ($page < 1)
$page = 1;
else
if ($page > $pages)
$page = $pages;
for ($i = 1; $i <= $pages; ++$i)
if ($i == $page)
$pagemenu .= "$i\n";
else
$pagemenu .= "<a href=account.php?action=mytorrents&page=$i>$i</a>\n";
if ($page == 1)
$browsemenu .= "";
else
$browsemenu .= "<a href=account.php?action=mytorrents&page=" . ($page - 1) . ">[Prev]</a>";
$browsemenu .= " ";
if ($page == $pages)
$browsemenu .= "";
else
$browsemenu .= "<a href=account.php?action=mytorrents&page=" . ($page + 1) . ">[Next]</a>";
$offset = ($page * $perpage) - $perpage;
//end page numbers
$where = "WHERE torrents.owner = " . $CURUSER["id"] ."";
$orderby = "ORDER BY added DESC";
$query = mysql_query("SELECT torrents.id, torrents.category, torrents.name, torrents.added, torrents.hits, torrents.banned, torrents.comments, torrents.seeders, torrents.leechers, torrents.times_completed, categories.name AS cat_name, categories.parent_cat AS cat_parent FROM torrents LEFT JOIN categories ON category = categories.id $where $orderby LIMIT $offset,$perpage")or die(mysql_error());
$allcats = mysql_num_rows($query);
if($allcats == 0) {
echo "<h4>".NO_UPLOADS."</h4>\n";
}else{
print("<p align=center>$pagemenu<br />$browsemenu</p>");
?><table align=center cellpadding="0" cellspacing="0" class="ttable_headouter" width=100%>
<td>
<table align=center cellpadding="0" cellspacing="0" class="ttable_headinner" width="100%">
<tr>
<td class=ttable_head><? echo "" . TYPE . "";?></td>
<td class=ttable_head><? echo "" . NAME . "";?></td>
<td class=ttable_head><?="<img src=\"".$site_config["SITEURL"]."/images/torrents/comments.png\" border=\"0\" alt=\"Comments\">"?></td>
<td class=ttable_head><? echo "" . HITS . "";?></td>
<td class=ttable_head><?="<img src=\"".$site_config["SITEURL"]."/images/torrents/seeders.png\" border=\"0\" alt=\"Seeders\">"?></td>
<td class=ttable_head><?="<img src=\"".$site_config["SITEURL"]."/images/torrents/leechers.png\" border=\"0\" alt=\"Leechers\">"?></td>
<td class=ttable_head><?="<img src=\"".$site_config["SITEURL"]."/images/torrents/completed.png\" border=\"0\" alt=\"Completed\">"?></td>
<td class=ttable_head><? echo "" . ADDED . "";?></font></td>
<td class=ttable_head><? echo "" . EDIT . "";?></td>
</tr>
<?
while($row = MYSQL_FETCH_ARRAY($query))
{
$char1 = 35; //cut length
$smallname = CutName(htmlspecialchars($row["name"]), $char1);
echo "<tr><td class=ttable_col2 align=center>$row[cat_parent]: $row[cat_name]</td><td class=ttable_col1 align=left><a href='torrents-details.php?id=$row[id]'>$smallname</A></td><td class=ttable_col2 align=center><a href=comments.php?type=torrent&id=$row[id]>$row[comments]</a></td><td class=ttable_col1 align=center>$row[hits]</td><td class=ttable_col2 align=center>$row[seeders]</td><td class=ttable_col1 align=center>$row[leechers]</td><td class=ttable_col2 align=center>$row[times_completed]</td><td class=ttable_col1 align=center>".get_elapsed_time(sql_timestamp_to_unix_timestamp($row["added"]))."</td><td class=ttable_col2><a href='torrents-edit.php?id=$row[id]'>" . EDIT . "</td></tr>\n";
}
echo "</td></table></td></tr></table><BR>";
print("<p align=center>$pagemenu<br />$browsemenu</p>");
}
end_frame();
}
/////////////////////// EDIT SETTINGS ////////////////
if ($action=="edit_settings"){
if ($do=="edit"){
begin_frame("".EDIT_ACC_SETT."");
navmenu();
?><CENTER>
<form method=post action=account.php>
<input type='hidden' name='action' value='edit_settings'>
<input type='hidden' name='do' value='save_settings'>
<table border="1" cellspacing=0 cellpadding="5" width="95%" class="table_table">
<?
$ss_r = mysql_query("SELECT * from stylesheets") or die;
$ss_sa = array();
while ($ss_a = mysql_fetch_array($ss_r))
{
$ss_id = $ss_a["id"];
$ss_name = $ss_a["name"];
$ss_sa[$ss_name] = $ss_id;
}
ksort($ss_sa);
reset($ss_sa);
while (list($ss_name, $ss_id) = each($ss_sa))
{
if ($ss_id == $CURUSER["stylesheet"]) $ss = " selected"; else $ss = "";
$stylesheets .= "<option value=$ss_id$ss>$ss_name</option>\n";
}
$countries = "<option value=0>---".N_SELECT."----</option>\n";
$ct_r = mysql_query("SELECT id,name from countries ORDER BY name") or die;
while ($ct_a = mysql_fetch_array($ct_r))
$countries .= "<option value=$ct_a[id]" . ($CURUSER["country"] == $ct_a['id'] ? " selected" : "") . ">$ct_a[name]</option>\n";
$zodiactype = "<option value=0>---".N_SELECT."----</option>n";
$zd_r = mysql_query("SELECT * from zodiac ORDER BY zodiactype") or die;
while ($zd_a = mysql_fetch_array($zd_r))
$zodiactype .= "<option value=$zd_a[id]" . ($CURUSER["zodiactype"] == $zd_a['id'] ? " selected" : "") . ">$zd_a[zodiactype]</option>n";
$teams = "<option value=0>---".N_SELECT."----</option>\n";
$sashok = mysql_query("SELECT id,name FROM teams ORDER BY name") or die;
while ($sasha = mysql_fetch_array($sashok))
$teams .= "<option value=$sasha[id]" . ($CURUSER["team"] == $sasha['id'] ? " selected" : "") . ">$sasha[name]</option>\n";
print ("<TR><TD align=right class=table_col2><B>".ACCOUNT_PARK."</B> </td><td class=table_col2><input type=radio name=parked" . ($CURUSER["parked"] == "yes" ? " checked" : "") . " value=yes><B>".YES."</B> <input type=radio name=parked" . ($CURUSER["parked"] == "no" ? " checked" : "") . " value=no><B>".NO."</B><br><i>".ACCOUNT_PARK_DESCR."</i></td></tr>");
$acceptpms = $CURUSER["acceptpms"] == "yes";
print ("<TR><TD align=right class=table_col2><B>" . ACCOUNT_ACCEPTPM . ":</B> </td><td class=table_col2><input type=radio name=acceptpms" . ($acceptpms ? " checked" : "") .
" value=yes><B>".ACCOUNT_ALL."</B> <input type=radio name=acceptpms" .
($acceptpms ? "" : " checked") . " value=no><B>" . ACCOUNT_PMSTAFFONLY . "</B><br><i>".ACCOUNT_PM_DESCR."</i></td></tr>");
$gender = "<option value=Male" . ($CURUSER["gender"] == Male ? " selected" : "") . ">" . MALE . "</option>\n"
."<option value=Female" . ($CURUSER["gender"] == Female ? " selected" : "") . ">" . FEMALE . "</option>\n";
// START CAT LIST SQL
$r = mysql_query("SELECT id,name,parent_cat FROM categories ORDER BY parent_cat ASC, sort_index ASC") or die(mysql_error());
if (mysql_num_rows($r) > 0)
{
$categories .= "<table><tr>\n";
$i = 0;
while ($a = mysql_fetch_assoc($r))
{
$categories .= ($i && $i % 2 == 0) ? "</tr><tr>" : "";
$categories .= "<td class=bottom style='padding-right: 5px'><input name=$a[id] type=\"checkbox\" " . (strpos($CURUSER['notifs'], "[$a[id]]") !== false ? " checked" : "") . " value='yes'> " .htmlspecialchars($a["parent_cat"]).": " . htmlspecialchars($a["name"]) . "</td>\n";
++$i;
}
$categories .= "</tr></table>\n";
}
// END CAT LIST SQL
function priv($name, $descr) {
global $CURUSER;
if ($CURUSER["privacy"] == $name)
return "<input type=\"radio\" name=\"privacy\" value=\"$name\" checked=\"checked\" /> $descr";
return "<input type=\"radio\" name=\"privacy\" value=\"$name\" /> $descr";
}
print("<TR><TD align=right class=table_col1><B>" . ACCOUNT_PRIVACY_LV . ":</B> </TD><TD align=left class=table_col1>". priv("normal", "<B>" . NORMAL . "</B>") . " " . priv("low", "<B>" . LOW . "</B>") . " " . priv("strong", "<B>" . STRONG . "</B>") . "<br><i>".ACCOUNT_PRIVACY_DESCR."</i></td></tr>");
print("<TR><TD align=right class=table_col1 valign=top><B>".CAT_FILTER.": </B></td><TD align=left class=table_col1><i>".CAT_FILTER_DESCR."</i><BR>".$categories."</td></tr>");
$uploadspeed = "<option value=0>---".N_SELECT."---</option>\n";
$downloadspeed = "<option value=0>---".N_SELECT."---</option>\n";
$dsl = mysql_query("SELECT id,name FROM speed ORDER BY id");
while ($ds_b = mysql_fetch_array($dsl)){
$downloadspeed .= "<option value=$ds_b[id]" . ($CURUSER["download"] == $ds_b['id'] ? " selected" : "") . ">$ds_b[name]</option>\n";
$uploadspeed .= "<option value=$ds_b[id]" . ($CURUSER["upload"] == $ds_b['id'] ? " selected" : "") . ">$ds_b[name]</option>\n";
}
print("<TR><TD align=right class=table_col1><B>".DOWN_SPEED.":</b></td><TD align=left class=table_col1><select name=download>\n$downloadspeed\n</select>");
print("<TR><TD align=right class=table_col1><B>".UP_SPEED.":</b></td><TD align=left class=table_col1><select name=upload>\n$uploadspeed\n</select>");
print("<TR><TD align=right class=table_col1><B>" . THEME . ":</b> </td><TD align=left class=table_col1><select name=stylesheet>\n$stylesheets\n</select></td></tr>");
print("<TR><TD align=right class=table_col2><B>".BT_CLIENT.":</b> </td><TD align=left class=table_col2><input type=text size=20 maxlength=20 name=client value=\"" . htmlspecialchars($CURUSER["client"]) . "\" /></td></tr>");
if ($CURUSER["age"] > 0 && $CURUSER["class"] < 4){
print("<TR><TD align=right class=table_col1><B>" . AGE . ":</b> </td><TD align=left class=table_col1><input type=text size=3 maxlength=2 name=age value=\"" . htmlspecialchars($CURUSER["age"]) . "\" disabled/> ".AGE_DESCR."</td></tr>");
}else{
print("<TR><TD align=right class=table_col1><B>" . AGE . ":</b> </td><TD align=left class=table_col1><input type=text size=3 maxlength=2 name=age value=\"" . htmlspecialchars($CURUSER["age"]) . "\" /></td></tr>");
}
print("<TR><TD align=right class=table_col2><B>" . GENDER . ":</b> </td><TD align=left class=table_col2><select size=1 name=gender>\n$gender\n</select></td></tr>");
print("<TR><TD align=right class=table_col2><B>".ZODIAC.":</b> </td><TD align=left class=table_col2><select name=zodiactype>n$zodiactype</select><input name=zodiac size=24 value=\"" . htmlspecialchars($CURUSER["zodiac"]) . "\" /></td></tr>");
print("<TR><TD align=right class=table_col1><B>" . COUNTRY . ":</b> </td><TD align=left class=table_col1><select name=country>\n$countries\n</select></td></tr>");
print ("<TD align=right class=table_col2><B>".CONTACT.":</B> </td><td class=table_col2><table cellSpacing=\"3\" cellPadding=\"0\" width=\"100%\" border=\"0\">
<tr>
<td style=\"font-size: 11px; font-style: normal; font-variant: normal; font-weight: normal; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif\" colspan=2>
".CONTACT_DESCR."</td>
</tr>
<tr>
<td style=\"font-size: 11px; font-style: normal; font-variant: normal; font-weight: normal; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif\">
".CONTACT_ICQ."<br>
<img src=images/contact/icq.gif alt=\"".CONTACT_ICQ."\">
<input maxLength=\"30\" size=\"25\" name=\"icq\" value=\"" . htmlspecialchars($CURUSER["icq"]) . "\" ></td>
<td style=\"font-size: 11px; font-style: normal; font-variant: normal; font-weight: normal; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif\">
".CONTACT_AIM."<br>
<img src=images/contact/aim.gif alt=\"".CONTACT_AIM."\">
<input maxLength=\"30\" size=\"25\" name=\"aim\" value=\"" . htmlspecialchars($CURUSER["aim"]) . "\" ></td>
</tr>
<tr>
<td style=\"font-size: 11px; font-style: normal; font-variant: normal; font-weight: normal; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif\">
".CONTACT_MSN."<br>
<img src=images/contact/msn.gif alt=\"".CONTACT_MSN."\">
<input maxLength=\"50\" size=\"25\" name=\"msn\" value=\"" . htmlspecialchars($CURUSER["msn"]) . "\" ></td>
<td style=\"font-size: 11px; font-style: normal; font-variant: normal; font-weight: normal; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif\">
".CONTACT_YAHOO."<br>
<img src=images/contact/yahoo.gif alt=\"".CONTACT_YAHOO."\">
<input maxLength=\"30\" size=\"25\" name=\"yahoo\" value=\"" . htmlspecialchars($CURUSER["yahoo"]) . "\" ></td>
</tr>
<tr>
<td style=\"font-size: 11px; font-style: normal; font-variant: normal; font-weight: normal; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif\">
".CONTACT_SKYPE."<br>
<img src=images/contact/skype.gif alt=\"".CONTACT_SKYPE."\">
<input maxLength=\"32\" size=\"25\" name=\"skype\" value=\"" . htmlspecialchars($CURUSER["skype"]) . "\" ></td>
<td style=\"font-size: 11px; font-style: normal; font-variant: normal; font-weight: normal; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif\">
</td>
</tr>
</table></td></tr>");
if ($CURUSER["class"] > 1)
print("<TR><TD align=right class=table_col1><B>".ACCOUNT_TEAM.":</b> </td><TD align=left class=table_col1><select name=teams>\n$teams\n</select></td></tr>");
$avatar = htmlspecialchars($CURUSER["avatar"]);
if (!$avatar)
$avatar = "".$site_config["SITEURL"]."/themes/$THEME/images/avatars/default_avatar.gif";
print("<tr><td align=right class=table_col1><B>" . USERBAR . ":</b></td><TD align=left class=table_col1><table border=0><tr><td><img src=userbar.php/".$CURUSER["id"].".png border=0 width=350 height=19></td></tr><tr><td>".USERBAR_DESCR.":</td></tr><br><TD><input type=\"text\" size=65 value=\"[url=".$site_config['SITEURL']."][img]".$site_config['SITEURL']."/userbar.php/".$CURUSER["id"].".png[/img][/url]\"></td></tr></table></td></tr>");
print("<tr><td align=right class=table_col1><B>" . AVATAR . ":</b></td><td align=left class=table_col1><table border=0><tr><td width=120><img src=$avatar></td></tr><br /><tr><td><input name=avatar size=50 value=\"" . htmlspecialchars($CURUSER["avatar"]) . "\"><br />\n<i>" . AVATAR_LINC . ": 120x120px</i></td></tr>");
if ($site_config['AVATARUPLOAD']){
print("<tr><td>[ <a href=upavatar.php?action=upload><b>" . UP_AVATAR . "</b></a> ]</td></tr></table></td></tr>");
}
if ($CURUSER["class"] < 3){
print("<TR><TD align=right class=table_col1><B>" . CUSTOMTITLE . ":</b> </td><TD align=left class=table_col1><input name=title size=50 value=\"" . strip_tags($CURUSER["title"]) .
"You must be a vip to edit this\"disabled></td></tr>");
}else{
print("<TR><TD align=right class=table_col1><B>" . CUSTOMTITLE . ":</b> </td><TD align=left class=table_col1><input name=title size=50 value=\"" . strip_tags($CURUSER["title"]) .
"\"><br />\n <I>" . HTML_NOT_ALLOWED . "</I></td></tr>");
}
print("<TR><TD align=right class=table_col2 valign=top><B>" . SIGNATURE . ":</b> </td><TD align=left class=table_col2><textarea name=signature cols=50 rows=10>" . htmlspecialchars($CURUSER["signature"]) .
"</textarea><br />\n <I>".SIG_SIZE.", " . HTML_NOT_ALLOWED . "</I></td></tr>");
print("<TR><TD align=right class=table_col1><B>".ACCOUNT_RES_PASSKEY.":</b> </td><TD align=left class=table_col1><input type=checkbox name=resetpasskey value=1 /> <I>".ACCOUNT_RES_PASSKEY_DESCR."</I></td></tr>");
print("<TR><TD align=right class=table_col2><B>" . EMAIL_ADDRESS . ":</b> </td><TD align=left class=table_col2><input type=\"text\" name=\"email\" size=50 value=\"" . htmlspecialchars($CURUSER["email"]) .
"\"><br />\n<I>" . REPLY_TO_CONFIRM_EMAIL . "</I><br></td></tr>");
ksort($tzs);
reset($tzs);
while (list($key, $val) = each($tzs)) {
if ($CURUSER["tzoffset"] == $key)
$tz .= "<option value=\"$key\" selected>$val</option>\n";
else
$tz .= "<option value=\"$key\">$val</option>\n";
}
print("<TR><TD align=right class=table_col1><B>".ACCOUNT_TIMEZONE.":</b> </td><TD align=left class=table_col1><select name='tzoffset'>$tz</select></td></tr>");
?>
<tr><td colspan="2" align="center"><input type="submit" value="<? echo "" . SUBMIT . "";?>" style='height: 25px'> <input type="reset" value="<? echo "" . REVERT . "";?>" style='height: 25px'></td></tr>
</table></form>
<?
end_frame();
}
if ($do == "save_settings"){
$set = array();
$updateset = array();
$changedemail = $newsecret = 0;
if ($email != $CURUSER["email"]) {
if (!validemail($email))
$message = "" . NOT_VAILD_EMAIL . "";
$changedemail = 1;
}
$parked = $_POST["parked"];
$acceptpms = $_POST["acceptpms"];
$privacy = $_POST["privacy"];
$r = mysql_query("SELECT id FROM categories") or die(mysql_error());
$rows = mysql_num_rows($r);
for ($i = 0; $i < $rows; ++$i) {
$a = mysql_fetch_assoc($r);
if ($HTTP_POST_VARS["$a[id]"] == 'yes')
$notifs .= "[$a[id]]";
}
if ($_POST['resetpasskey']) $updateset[] = "passkey=''";
$avatar = $_POST["avatar"];
$title = $_POST["title"];
$signature = $_POST["signature"];
$download = $_POST["download"];
$upload = $_POST["upload"];
$stylesheet = $_POST["stylesheet"];
$language = $_POST["language"];
$client = strip_tags($_POST["client"]);
$age = $_POST["age"];
$gender= $_POST["gender"];
$zodiactype = $_POST["zodiactype"];
$zodiac = $_POST["zodiac"];
$country = $_POST["country"];
$teams = $_POST["teams"];
$privacy = $_POST["privacy"];
$timezone = (int)$_POST['tzoffset'];
if (is_valid_id($stylesheet))
$updateset[] = "stylesheet = '$stylesheet'";
if (is_valid_id($language))
$updateset[] = "language = '$language'";
if (is_valid_id($download))
$updateset[] = "download = $download";
if (is_valid_id($upload))
$updateset[] = "upload = $upload";
if (is_valid_id($teams))
$updateset[] = "team = '$teams'";
if (is_valid_id($country))
$updateset[] = "country = $country";
if ($acceptpms == "yes")
$acceptpms = 'yes';
else
$acceptpms = 'no';
if (is_valid_id($age))
$updateset[] = "age = '$age'";
else
if($CURUSER["class"] <= 3)
autolink("account.php?action=edit_settings&do=edit", "<font size=5>".AGE_WRONG."</font>");
$updateset[] = "parked = " . sqlesc($parked);
$updateset[] = "acceptpms = ".sqlesc($acceptpms);
$updateset[] = "commentpm = " . sqlesc($commentpm);
$updateset[] = "notifs = ".sqlesc($notifs);
$updateset[] = "privacy = ".sqlesc($privacy);
$updateset[] = "gender = ".sqlesc($gender);
$updateset[] = "zodiactype = " . sqlesc($zodiactype);
$updateset[] = "zodiac = " . sqlesc($zodiac);
$icq = unesc($_POST["icq"]);
if (strlen($icq) > 10)
show_error_msg(""._ERROR_."", "".CONTACT_ICQ." ".CONTACT_ERROR."");
$updateset[] = "icq = " . sqlesc($icq);
$msn = unesc($_POST["msn"]);
if (strlen($msn) > 30)
show_error_msg(""._ERROR_."", "".CONTACT_MSN." ".CONTACT_ERROR."");
$updateset[] = "msn = " . sqlesc($msn);
$aim = unesc($_POST["aim"]);
if (strlen($aim) > 30)
show_error_msg(""._ERROR_."", "".CONTACT_AIM." ".CONTACT_ERROR."");
$updateset[] = "aim = " . sqlesc($aim);
$yahoo = unesc($_POST["yahoo"]);
if (strlen($yahoo) > 30)
show_error_msg(""._ERROR_."", "".CONTACT_YAHOO." ".CONTACT_ERROR."");
$updateset[] = "yahoo = " . sqlesc($yahoo);
$skype = unesc($_POST["skype"]);
if (strlen($skype) > 20)
show_error_msg(""._ERROR_."", "".CONTACT_SKYPE." ".CONTACT_ERROR."");
$updateset[] = "skype = " . sqlesc($skype);
$updateset[] = "client = ".sqlesc($client);
$updateset[] = "avatar = " . sqlesc($avatar);
$updateset[] = "signature = ".sqlesc($signature);
$updateset[] = "title = ".sqlesc($title);
$updateset[] = "tzoffset = $timezone";
/* ****** */
if (!$message) {
if ($changedemail) {
$sec = mksecret();
$hash = md5($sec . $email . $sec);
$obemail = rawurlencode($email);
$updateset[] = "editsecret = " . sqlesc($sec);
$thishost = $_SERVER["HTTP_HOST"];
$thisdomain = preg_replace('/^www\./is', "", $thishost);
$body = <<<EOD
You have requested that your user profile (username {$CURUSER["username"]})
on {$site_config["SITEURL"]} should be updated with this email address ($email) as
user contact.
If you did not do this, please ignore this email. The person who entered your
email address had the IP address {$_SERVER["REMOTE_ADDR"]}. Please do not reply.
To complete the update of your user profile, please follow this link:
{$site_config["SITEURL"]}/account-ce.php?id={$CURUSER["id"]}&secret=$hash&email=$obemail
Your new email address will appear in your profile after you do this. Otherwise
your profile will remain unchanged.
EOD;
mail($email, "".$site_config["SITENAME"]." ".CHANGE_EMAIL."", $body, "".FROM.": ".$site_config["SITEEMAIL"]."", "".$site_config["SITEEMAIL"]."");
$mailsent = 1;
} //changedemail
mysql_query("UPDATE users SET " . implode(",", $updateset) . " WHERE id = " . $CURUSER["id"]."") or die(mysql_error());
$edited=1;
if ($changedemail) {
autolink("account.php", "".CHANGE_EMAIL_CONFIRM."");
stdfoot();
} else{
autolink("account.php", "".ACCOUNT_UPDATE."");
stdfoot();
}
}else{
show_error_msg(""._ERROR_."", "".$message."");
}// message
}// end do
}//end action
if ($action=="changepw"){
if ($do=="newpassword"){
if ($chpassword != "") {
$res = mysql_query("SELECT id, password, secret, enabled FROM users WHERE id = " . $CURUSER["id"] . " AND status = 'confirmed'");
$row = mysql_fetch_array($res);
if (strlen($chpassword) < 6)
$message = "" . PASS_TOO_SHORT . "";
if ($chpassword != $passagain)
$message = "" . PASSWORDS_NOT_MATCH . "";
$chpassword = md5($chpassword);
}
if ((!$chpassword) || (!$passagain))
$message = "".BLANK_FIELDS."!";
begin_frame();
navmenu();
if (!$message){
mysql_query("UPDATE users SET password = " . sqlesc($chpassword) . " WHERE id = " . $CURUSER["id"]."") or die(mysql_error());
echo "<br><br><center><b>".CHANGE_PASS_YES."</b></center>";
logoutcookie();
}else{
echo "<br><br><B><CENTER>".$message."</CENTER></B><br><br>";
}
end_frame();
stdfoot();
die();
}//do
begin_frame("" . CHANGE_YOUR_PASS . "");
navmenu();
?>
<form method=post action=account.php>
<input type='hidden' name='action' value='changepw'>
<input type='hidden' name='do' value='newpassword'>
<table class='tablebg' border="0" cellspacing="0" cellpadding="0" align="center" width="60%">
<tr><td class='rowtabhead' colspan="2" align="center"><? echo "" . CHANGE_YOUR_PASS . "";?></td></tr>
<?
print("<tr><td align=right class=row1>" . NEW_PASSWORD . ":</td><td class=row2 align=left><input type=\"password\" name=\"chpassword\" size=\"38\" /><td>");
print("<tr><td align=right class=row1>" . REPEAT . ":</B></td><td class=row2 align=left><input type=\"password\" name=\"passagain\" size=\"38\" /></td>");
?>
<tr><td class='rowEnd' colspan="2" align="center"><input type="submit" value="<? echo "" . SUBMIT . "";?>"> <input type="reset" value="<? echo "" . REVERT . "";?>"></td></tr>
</table></form>
<?
end_frame();
}
stdfoot();
?>