Location: PHPKode > projects > H-tracker > account.php
<?
//
//  H-Tracker v0.2
//	http://h-tracker.org
//	Based on TorrentTrader (http://www.torrenttrader.org)
//
//
require_once("backend/functions.php");
dbconn(false);
loggedinonly();

stdhead("".USER_CP."");

function navmenu(){
?>
	<BR><table align=center cellpadding=0 cellspacing=3 class="tablebg" width=100%><tr><td>
		<table width=95% class="row1" align="center">
		<tr>
		<td width=100% align=center>
		&nbsp;<img src='images/li.png' border='0'>
		<?print("<a href=account.php><b>".MY_PROFILE."</b></a>");?>
		&nbsp;<img src='images/li.png' border='0'>
		<?print("<a href=account.php?action=edit_settings&do=edit><b>".SETT_PROFILE."</b></a>");?>
		&nbsp;<img src='images/li.png' border='0'>
		<?print("<a href=account.php?action=changepw><b>".CHANGE_PASS."</b></a>");?>
		&nbsp;<img src='images/li.png' border='0'>
		<?print("<a href=account.php?action=mytorrents><b>".MYTORRENT."</b></a>");?>
		&nbsp;<img src='images/li.png' border='0'>
		<?print("<a href=mybonus.php><b>".MYBONUS."</b></a><br>");?>
		&nbsp;<img src='images/li.png' border='0'>
        <?print("<a href=friend.php><b>".MYFRIEND."</b></a>");?>
        &nbsp;<img src='images/li.png' border='0'>
		<?print("<a href=mailbox.php><b>".ACCOUNT_MESSAGES."</b></a>");?>
		&nbsp;<img src='images/li.png' border='0'>
		<?print("<a href=invite.php><b>".ACCOUNT_INVITES."</b></a>");?>  
		</td></tr>
		</table>
	</td></tr></table>
	<BR>
	<?
}//end func


if (!$action){
	begin_frame("".MYACCOUNT.": $CURUSER[username] (".ACCOUNT_PROFILE.")");

	$usersignature = stripslashes(format_comment($CURUSER["signature"]));

	$avatar = $CURUSER["avatar"];
	if (!$avatar) {
		$avatar = "".$site_config["SITEURL"]."/themes/$THEME/images/avatars/default_avatar.gif";
	}
	navmenu();
	?>
	<table border=0 width=100% class="row1">
	<TR><TD width=95% valign=top align=left>
      <img src='images/li2.gif' border='0'>
	<? print("<B>".USERNAME.""); ?>:</b> <? print("" . $CURUSER["username"] . "\n"); ?><br>
      <img src='images/li2.gif' border='0'>
	<? print("<B>".WORD_CLASS.""); ?>:</b> <?=$CURUSER["level"] ?><br>
      <img src='images/li2.gif' border='0'>
	<? print("<B>".EMAIL.""); ?>:</b> <? print("" . $CURUSER["email"] . "\n"); ?><br>
      <img src='images/li2.gif' border='0'>
	<? print("<B>".ACCOUNT_JOINED.""); ?>:</b> <? print("" . utc_to_tz($CURUSER["added"]) . "\n"); ?><br>
      <img src='images/li2.gif' border='0'>
	<? print("<B>".AGE.""); ?>:</b> <? print("" . $CURUSER["age"] . "\n"); ?><br>
      <img src='images/li2.gif' border='0'>
	<? print("<B>".GENDER.""); ?>:</b> <? print("" . $CURUSER["gender"] . "\n"); ?><br>
      <img src='images/li2.gif' border='0'>
	<? print("<B>".CLIENT.""); ?>:</b> <? print("" . $CURUSER["client"] . "\n"); ?><br>
      <img src='images/li2.gif' border='0'>
	<? print("<B>".DONATED.""); ?>:</b> $<?print("" . $CURUSER["donated"] . "\n");?><br>
      <img src='images/li2.gif' border='0'>
	<? print("<B>".CUSTOMTITLE.""); ?>:</b> <? print("" . strip_tags($CURUSER["title"]) . "\n"); ?><br>
      <img src='images/li2.gif' border='0'>
	<? print("<B>".ACCOUNT_PRIVACY_LV.""); ?>:</b> <? print("" . $CURUSER["privacy"] . "\n"); ?><br>
      <img src='images/li2.gif' border='0'>
	<? print("<B>".SIGNATURE.""); ?>:</b> <?=$usersignature?><br>
      <img src='images/li2.gif' border='0'>
	<? print("<B>".ACCOUNT_PASSKEY.":</b> " . $CURUSER["passkey"] . "\n"); ?><br>
      <img src='images/li2.gif' border='0'>
	<? print("<B>".ACCOUNT_IP.":</b> " . $CURUSER["ip"] . "\n"); ?><br>
      <img src='images/li2.gif' border='0'>
        <? print("<B>".INVITES."</b> " . $CURUSER["invites"] . "\n"); ?><br>
<?
         $compl = $CURUSER["invitees"];
         $compl_list = explode(" ", $compl);
         $arr = array();
         foreach($compl_list as $array_list)
             $arr[] = $array_list;
          $compl_arr = array_reverse($arr, TRUE);
         $f=0;
         foreach($compl_arr as $user_id)
         {
             $compl_user = mysql_query("SELECT id, username FROM users WHERE id='$user_id' and status='confirmed'");
             $compl_users = mysql_fetch_array($compl_user);
if ($compl_users["id"] > 0)
{
         echo("<B><img src='images/li2.gif' border='0'>".INVITEES."</B>");
         $compl = $CURUSER["invitees"];
         $compl_list = explode(" ", $compl);
         $arr = array();
         foreach($compl_list as $array_list)
             $arr[] = $array_list;
          $compl_arr = array_reverse($arr, TRUE);
         $i = 0;
         foreach($compl_arr as $user_id)
         {
             $compl_user = mysql_query("SELECT id, username FROM users WHERE id='$user_id' and status='confirmed' ORDER BY username");
             $compl_users = mysql_fetch_array($compl_user);
             echo("<a href=account-details.php?id=" . $compl_users["id"] . ">" . $compl_users["username"] . "</a> ");
             if ($i == "9")
                 break;
             $i++;
         }
$f = 1;
}
if ($f == "1")
                 break;
     }
?>
	</td></tr>
	</table>
	<BR><BR>
	<?
	end_frame();
}

/////////////// MY TORRENTS ///////////////////

if ($action=="mytorrents"){
begin_frame("".ACCOUNT_YOUR_TORRENTS."", center);
navmenu();
//page numbers
$page = $_GET['page'];
$perpage = 200;

$res = mysql_query("SELECT COUNT(*) FROM torrents WHERE torrents.owner = " . $CURUSER["id"] ."") or die(mysql_error());
$arr = mysql_fetch_row($res);
$pages = floor($arr[0] / $perpage);
if ($pages * $perpage < $arr[0])
  ++$pages;

if ($page < 1)
  $page = 1;
else
  if ($page > $pages)
    $page = $pages;

for ($i = 1; $i <= $pages; ++$i)
  if ($i == $page)
    $pagemenu .= "$i\n";
  else
    $pagemenu .= "<a href=account.php?action=mytorrents&page=$i>$i</a>\n";

if ($page == 1)
  $browsemenu .= "";
else
  $browsemenu .= "<a href=account.php?action=mytorrents&page=" . ($page - 1) . ">[Prev]</a>";

$browsemenu .= "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";

if ($page == $pages)
  $browsemenu .= "";
else
  $browsemenu .= "<a href=account.php?action=mytorrents&page=" . ($page + 1) . ">[Next]</a>";

$offset = ($page * $perpage) - $perpage;
//end page numbers


$where = "WHERE torrents.owner = " . $CURUSER["id"] ."";
$orderby = "ORDER BY added DESC";

$query = mysql_query("SELECT torrents.id, torrents.category, torrents.name, torrents.added, torrents.hits, torrents.banned, torrents.comments, torrents.seeders, torrents.leechers, torrents.times_completed, categories.name AS cat_name, categories.parent_cat AS cat_parent FROM torrents LEFT JOIN categories ON category = categories.id $where $orderby LIMIT $offset,$perpage")or die(mysql_error());

$allcats = mysql_num_rows($query);
	if($allcats == 0) {
		echo "<h4>".NO_UPLOADS."</h4>\n";
	}else{
		print("<p align=center>$pagemenu<br />$browsemenu</p>");
?><table align=center cellpadding="0" cellspacing="0" class="ttable_headouter" width=100%>
<td>
<table align=center cellpadding="0" cellspacing="0" class="ttable_headinner" width="100%">
<tr>
<td class=ttable_head><? echo "" . TYPE . "";?></td>
<td class=ttable_head><? echo "" . NAME . "";?></td>
<td class=ttable_head><?="<img src=\"".$site_config["SITEURL"]."/images/torrents/comments.png\" border=\"0\" alt=\"Comments\">"?></td>
<td class=ttable_head><? echo "" . HITS . "";?></td>
<td class=ttable_head><?="<img src=\"".$site_config["SITEURL"]."/images/torrents/seeders.png\" border=\"0\" alt=\"Seeders\">"?></td>
<td class=ttable_head><?="<img src=\"".$site_config["SITEURL"]."/images/torrents/leechers.png\" border=\"0\" alt=\"Leechers\">"?></td>
<td class=ttable_head><?="<img src=\"".$site_config["SITEURL"]."/images/torrents/completed.png\" border=\"0\" alt=\"Completed\">"?></td>
<td class=ttable_head><? echo "" . ADDED . "";?></font></td>
<td class=ttable_head><? echo "" . EDIT . "";?></td>
</tr>
<?
		while($row = MYSQL_FETCH_ARRAY($query))
			{
			$char1 = 35; //cut length 
			$smallname = CutName(htmlspecialchars($row["name"]), $char1);
			echo "<tr><td class=ttable_col2 align=center>$row[cat_parent]: $row[cat_name]</td><td class=ttable_col1 align=left><a href='torrents-details.php?id=$row[id]'>$smallname</A></td><td class=ttable_col2 align=center><a href=comments.php?type=torrent&id=$row[id]>$row[comments]</a></td><td class=ttable_col1 align=center>$row[hits]</td><td class=ttable_col2 align=center>$row[seeders]</td><td class=ttable_col1 align=center>$row[leechers]</td><td class=ttable_col2 align=center>$row[times_completed]</td><td class=ttable_col1 align=center>".get_elapsed_time(sql_timestamp_to_unix_timestamp($row["added"]))."</td><td class=ttable_col2><a href='torrents-edit.php?id=$row[id]'>" . EDIT . "</td></tr>\n";
			}
		echo "</td></table></td></tr></table><BR>";
		print("<p align=center>$pagemenu<br />$browsemenu</p>");
	}

end_frame();
}


/////////////////////// EDIT SETTINGS ////////////////
if ($action=="edit_settings"){

	if ($do=="edit"){
	begin_frame("".EDIT_ACC_SETT."");

	navmenu();
	?><CENTER>
	<form method=post action=account.php>
	<input type='hidden' name='action' value='edit_settings'>
	<input type='hidden' name='do' value='save_settings'>
	<table border="1" cellspacing=0 cellpadding="5" width="95%" class="table_table">
	<?

	$ss_r = mysql_query("SELECT * from stylesheets") or die;
	$ss_sa = array();
	while ($ss_a = mysql_fetch_array($ss_r))
	{
	  $ss_id = $ss_a["id"];
	  $ss_name = $ss_a["name"];
	  $ss_sa[$ss_name] = $ss_id;
	}
	ksort($ss_sa);
	reset($ss_sa);
	while (list($ss_name, $ss_id) = each($ss_sa))
	{
	  if ($ss_id == $CURUSER["stylesheet"]) $ss = " selected"; else $ss = "";
	  $stylesheets .= "<option value=$ss_id$ss>$ss_name</option>\n";
	}
    
    
	$countries = "<option value=0>---".N_SELECT."----</option>\n";
	$ct_r = mysql_query("SELECT id,name from countries ORDER BY name") or die;
	while ($ct_a = mysql_fetch_array($ct_r)) 
	  $countries .= "<option value=$ct_a[id]" . ($CURUSER["country"] == $ct_a['id'] ? " selected" : "") . ">$ct_a[name]</option>\n";  
      
      
      $zodiactype = "<option value=0>---".N_SELECT."----</option>n";
    $zd_r = mysql_query("SELECT * from zodiac ORDER BY zodiactype") or die;
     while ($zd_a = mysql_fetch_array($zd_r))
      $zodiactype .= "<option value=$zd_a[id]" . ($CURUSER["zodiactype"] == $zd_a['id'] ? " selected" : "") . ">$zd_a[zodiactype]</option>n";

	$teams = "<option value=0>---".N_SELECT."----</option>\n";
	$sashok = mysql_query("SELECT id,name FROM teams ORDER BY name") or die;
	while ($sasha = mysql_fetch_array($sashok))
		$teams .= "<option value=$sasha[id]" . ($CURUSER["team"] == $sasha['id'] ? " selected" : "") . ">$sasha[name]</option>\n"; 

      print ("<TR><TD align=right class=table_col2><B>".ACCOUNT_PARK."</B> </td><td class=table_col2><input type=radio name=parked" . ($CURUSER["parked"] == "yes" ? " checked" : "") . " value=yes><B>".YES."</B> <input type=radio name=parked" .  ($CURUSER["parked"] == "no" ? " checked" : "") . " value=no><B>".NO."</B><br><i>".ACCOUNT_PARK_DESCR."</i></td></tr>");
	$acceptpms = $CURUSER["acceptpms"] == "yes";
	print ("<TR><TD align=right class=table_col2><B>" . ACCOUNT_ACCEPTPM . ":</B> </td><td class=table_col2><input type=radio name=acceptpms" . ($acceptpms ? " checked" : "") .
	  " value=yes><B>".ACCOUNT_ALL."</B> <input type=radio name=acceptpms" .
	  ($acceptpms ? "" : " checked") . " value=no><B>" . ACCOUNT_PMSTAFFONLY . "</B><br><i>".ACCOUNT_PM_DESCR."</i></td></tr>");
	  
	$gender = "<option value=Male" . ($CURUSER["gender"] == Male ? " selected" : "") . ">" . MALE . "</option>\n"
		 ."<option value=Female" . ($CURUSER["gender"] == Female ? " selected" : "") . ">" . FEMALE . "</option>\n";
	// START CAT LIST SQL
	$r = mysql_query("SELECT id,name,parent_cat FROM categories ORDER BY parent_cat ASC, sort_index ASC") or die(mysql_error());
	if (mysql_num_rows($r) > 0)
	{
		$categories .= "<table><tr>\n";
		$i = 0;
		while ($a = mysql_fetch_assoc($r))
		{
		  $categories .=  ($i && $i % 2 == 0) ? "</tr><tr>" : "";
		  $categories .= "<td class=bottom style='padding-right: 5px'><input name=$a[id] type=\"checkbox\" " . (strpos($CURUSER['notifs'], "[$a[id]]") !== false ? " checked" : "") . " value='yes'>&nbsp;" .htmlspecialchars($a["parent_cat"]).": " . htmlspecialchars($a["name"]) . "</td>\n";
		  ++$i;
		}
		$categories .= "</tr></table>\n";
	} 

	// END CAT LIST SQL
	function priv($name, $descr) {
		global $CURUSER;
		if ($CURUSER["privacy"] == $name)
			return "<input type=\"radio\" name=\"privacy\" value=\"$name\" checked=\"checked\" /> $descr";
		return "<input type=\"radio\" name=\"privacy\" value=\"$name\" /> $descr";
	}

	print("<TR><TD align=right class=table_col1><B>" . ACCOUNT_PRIVACY_LV . ":</B> </TD><TD align=left class=table_col1>". priv("normal", "<B>" . NORMAL . "</B>") . " " . priv("low", "<B>" . LOW . "</B>") . " " . priv("strong", "<B>" . STRONG . "</B>") . "<br><i>".ACCOUNT_PRIVACY_DESCR."</i></td></tr>");
  

    print("<TR><TD align=right class=table_col1 valign=top><B>".CAT_FILTER.": </B></td><TD align=left class=table_col1><i>".CAT_FILTER_DESCR."</i><BR>".$categories."</td></tr>");
     $uploadspeed = "<option value=0>---".N_SELECT."---</option>\n";
$downloadspeed = "<option value=0>---".N_SELECT."---</option>\n";
$dsl = mysql_query("SELECT id,name FROM speed ORDER BY id");
while ($ds_b = mysql_fetch_array($dsl)){
  $downloadspeed .= "<option value=$ds_b[id]" . ($CURUSER["download"] == $ds_b['id'] ? " selected" : "") . ">$ds_b[name]</option>\n";
  $uploadspeed .= "<option value=$ds_b[id]" . ($CURUSER["upload"] == $ds_b['id'] ? " selected" : "") . ">$ds_b[name]</option>\n";
} 

    print("<TR><TD align=right class=table_col1><B>".DOWN_SPEED.":</b></td><TD align=left class=table_col1><select name=download>\n$downloadspeed\n</select>");
    print("<TR><TD align=right class=table_col1><B>".UP_SPEED.":</b></td><TD align=left class=table_col1><select name=upload>\n$uploadspeed\n</select>");

	print("<TR><TD align=right class=table_col1><B>" . THEME . ":</b> </td><TD align=left class=table_col1><select name=stylesheet>\n$stylesheets\n</select></td></tr>");
	print("<TR><TD align=right class=table_col2><B>".BT_CLIENT.":</b> </td><TD align=left class=table_col2><input type=text size=20 maxlength=20 name=client value=\"" . htmlspecialchars($CURUSER["client"]) . "\" /></td></tr>");
    if ($CURUSER["age"] > 0 && $CURUSER["class"] < 4){
	print("<TR><TD align=right class=table_col1><B>" . AGE . ":</b> </td><TD align=left class=table_col1><input type=text size=3 maxlength=2 name=age value=\"" . htmlspecialchars($CURUSER["age"]) . "\" disabled/>&nbsp;".AGE_DESCR."</td></tr>");
    }else{
    print("<TR><TD align=right class=table_col1><B>" . AGE . ":</b> </td><TD align=left class=table_col1><input type=text size=3 maxlength=2 name=age value=\"" . htmlspecialchars($CURUSER["age"]) . "\" /></td></tr>");                            
    }
	print("<TR><TD align=right class=table_col2><B>" . GENDER . ":</b> </td><TD align=left class=table_col2><select size=1 name=gender>\n$gender\n</select></td></tr>");
    print("<TR><TD align=right class=table_col2><B>".ZODIAC.":</b> </td><TD align=left class=table_col2><select name=zodiactype>n$zodiactype</select><input name=zodiac size=24 value=\"" . htmlspecialchars($CURUSER["zodiac"]) . "\" /></td></tr>"); 
	print("<TR><TD align=right class=table_col1><B>" . COUNTRY . ":</b> </td><TD align=left class=table_col1><select name=country>\n$countries\n</select></td></tr>");  
                   
 print ("<TD align=right class=table_col2><B>".CONTACT.":</B> </td><td class=table_col2><table cellSpacing=\"3\" cellPadding=\"0\" width=\"100%\" border=\"0\">
         <tr>
        <td style=\"font-size: 11px; font-style: normal; font-variant: normal; font-weight: normal; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif\" colspan=2>
        ".CONTACT_DESCR."</td>
      </tr>
      <tr>
        <td style=\"font-size: 11px; font-style: normal; font-variant: normal; font-weight: normal; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif\">
        ".CONTACT_ICQ."<br>
        <img src=images/contact/icq.gif alt=\"".CONTACT_ICQ."\">
        <input maxLength=\"30\" size=\"25\" name=\"icq\" value=\"" . htmlspecialchars($CURUSER["icq"]) . "\" ></td>
        <td style=\"font-size: 11px; font-style: normal; font-variant: normal; font-weight: normal; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif\">
        ".CONTACT_AIM."<br>
        <img src=images/contact/aim.gif alt=\"".CONTACT_AIM."\">
        <input maxLength=\"30\" size=\"25\" name=\"aim\" value=\"" . htmlspecialchars($CURUSER["aim"]) . "\" ></td>
      </tr>
      <tr>
        <td style=\"font-size: 11px; font-style: normal; font-variant: normal; font-weight: normal; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif\">
        ".CONTACT_MSN."<br>
        <img src=images/contact/msn.gif alt=\"".CONTACT_MSN."\">
        <input maxLength=\"50\" size=\"25\" name=\"msn\" value=\"" . htmlspecialchars($CURUSER["msn"]) . "\" ></td>
        <td style=\"font-size: 11px; font-style: normal; font-variant: normal; font-weight: normal; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif\">
        ".CONTACT_YAHOO."<br>
        <img src=images/contact/yahoo.gif alt=\"".CONTACT_YAHOO."\">
        <input maxLength=\"30\" size=\"25\" name=\"yahoo\" value=\"" . htmlspecialchars($CURUSER["yahoo"]) . "\" ></td>
      </tr>
      <tr>
        <td style=\"font-size: 11px; font-style: normal; font-variant: normal; font-weight: normal; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif\">
        ".CONTACT_SKYPE."<br>
        <img src=images/contact/skype.gif alt=\"".CONTACT_SKYPE."\">
        <input maxLength=\"32\" size=\"25\" name=\"skype\" value=\"" . htmlspecialchars($CURUSER["skype"]) . "\" ></td>
        <td style=\"font-size: 11px; font-style: normal; font-variant: normal; font-weight: normal; font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif\">
         </td>
      </tr>
    </table></td></tr>");

	if ($CURUSER["class"] > 1)
		print("<TR><TD align=right class=table_col1><B>".ACCOUNT_TEAM.":</b> </td><TD align=left class=table_col1><select name=teams>\n$teams\n</select></td></tr>");
    $avatar = htmlspecialchars($CURUSER["avatar"]);
    if (!$avatar)
        $avatar = "".$site_config["SITEURL"]."/themes/$THEME/images/avatars/default_avatar.gif";

print("<tr><td align=right class=table_col1><B>" . USERBAR . ":</b></td><TD align=left class=table_col1><table border=0><tr><td><img src=userbar.php/".$CURUSER["id"].".png border=0 width=350 height=19></td></tr><tr><td>".USERBAR_DESCR.":</td></tr><br><TD><input type=\"text\" size=65 value=\"[url=".$site_config['SITEURL']."][img]".$site_config['SITEURL']."/userbar.php/".$CURUSER["id"].".png[/img][/url]\"></td></tr></table></td></tr>");
    print("<tr><td align=right class=table_col1><B>" . AVATAR . ":</b></td><td align=left class=table_col1><table border=0><tr><td width=120><img src=$avatar></td></tr><br /><tr><td><input name=avatar size=50 value=\"" . htmlspecialchars($CURUSER["avatar"]) . "\"><br />\n<i>" . AVATAR_LINC . ": 120x120px</i></td></tr>");
    if ($site_config['AVATARUPLOAD']){ 
    print("<tr><td>[ <a href=upavatar.php?action=upload><b>" . UP_AVATAR . "</b></a> ]</td></tr></table></td></tr>");
     }
     if ($CURUSER["class"] < 3){ 
	print("<TR><TD align=right class=table_col1><B>" . CUSTOMTITLE . ":</b> </td><TD align=left class=table_col1><input name=title size=50 value=\"" . strip_tags($CURUSER["title"]) .
	  "You must be a vip to edit this\"disabled></td></tr>");
      }else{
    print("<TR><TD align=right class=table_col1><B>" . CUSTOMTITLE . ":</b> </td><TD align=left class=table_col1><input name=title size=50 value=\"" . strip_tags($CURUSER["title"]) .
      "\"><br />\n <I>" . HTML_NOT_ALLOWED . "</I></td></tr>");
      }
	print("<TR><TD align=right class=table_col2 valign=top><B>" . SIGNATURE . ":</b> </td><TD align=left class=table_col2><textarea name=signature cols=50 rows=10>" . htmlspecialchars($CURUSER["signature"]) .
	  "</textarea><br />\n <I>".SIG_SIZE.", " . HTML_NOT_ALLOWED . "</I></td></tr>");

	print("<TR><TD align=right class=table_col1><B>".ACCOUNT_RES_PASSKEY.":</b> </td><TD align=left class=table_col1><input type=checkbox name=resetpasskey value=1 />&nbsp;<I>".ACCOUNT_RES_PASSKEY_DESCR."</I></td></tr>");

	print("<TR><TD align=right class=table_col2><B>" . EMAIL_ADDRESS . ":</b> </td><TD align=left class=table_col2><input type=\"text\" name=\"email\" size=50 value=\"" . htmlspecialchars($CURUSER["email"]) .
	  "\"><br />\n<I>" . REPLY_TO_CONFIRM_EMAIL . "</I><br></td></tr>");

	ksort($tzs);
	reset($tzs);
	while (list($key, $val) = each($tzs)) {
	if ($CURUSER["tzoffset"] == $key)
		$tz .= "<option value=\"$key\" selected>$val</option>\n";
	else
		$tz .= "<option value=\"$key\">$val</option>\n";
	}

	print("<TR><TD align=right class=table_col1><B>".ACCOUNT_TIMEZONE.":</b> </td><TD align=left class=table_col1><select name='tzoffset'>$tz</select></td></tr>");

	?>
	<tr><td colspan="2" align="center"><input type="submit" value="<? echo "" . SUBMIT . "";?>" style='height: 25px'> <input type="reset" value="<? echo "" . REVERT . "";?>" style='height: 25px'></td></tr>
	</table></form>

	<?
	end_frame();
	}


	if ($do == "save_settings"){
		$set = array();
		  $updateset = array();
		  $changedemail = $newsecret = 0;

		  if ($email != $CURUSER["email"]) {
				if (!validemail($email))
					$message = "" . NOT_VAILD_EMAIL . "";
				$changedemail = 1;
		  }
              $parked = $_POST["parked"];
		  $acceptpms = $_POST["acceptpms"];
		  $privacy = $_POST["privacy"];
		  $r = mysql_query("SELECT id FROM categories") or die(mysql_error());
		  $rows = mysql_num_rows($r);
		  for ($i = 0; $i < $rows; ++$i) {
				$a = mysql_fetch_assoc($r);
				if ($HTTP_POST_VARS["$a[id]"] == 'yes')
				  $notifs .= "[$a[id]]";
		  }  

		  if ($_POST['resetpasskey']) $updateset[] = "passkey=''"; 
		  
		  $avatar = $_POST["avatar"];
		  $title = $_POST["title"];
		  $signature = $_POST["signature"];
          $download = $_POST["download"];
          $upload = $_POST["upload"];
		  $stylesheet = $_POST["stylesheet"];
		  $language = $_POST["language"];
		  $client = strip_tags($_POST["client"]);
		  $age = $_POST["age"];
		  $gender= $_POST["gender"];
          $zodiactype = $_POST["zodiactype"];
          $zodiac = $_POST["zodiac"];
		  $country = $_POST["country"];
		  $teams = $_POST["teams"];
		  $privacy = $_POST["privacy"];
		  $timezone = (int)$_POST['tzoffset'];

		  if (is_valid_id($stylesheet))
			$updateset[] = "stylesheet = '$stylesheet'";
		  if (is_valid_id($language))
			$updateset[] = "language = '$language'";
          if (is_valid_id($download))
            $updateset[] = "download = $download";
          if (is_valid_id($upload))
             $updateset[] = "upload = $upload";
		  if (is_valid_id($teams))
			$updateset[] = "team = '$teams'";
		  if (is_valid_id($country))
			$updateset[] = "country = $country"; 
		  if ($acceptpms == "yes")
			$acceptpms = 'yes';
		  else
			$acceptpms = 'no';
		  if (is_valid_id($age)) 
		    $updateset[] = "age = '$age'";
            else
            if($CURUSER["class"] <= 3)
            autolink("account.php?action=edit_settings&do=edit", "<font size=5>".AGE_WRONG."</font>");
            $updateset[] = "parked = " . sqlesc($parked);
			$updateset[] = "acceptpms = ".sqlesc($acceptpms);
			$updateset[] = "commentpm = " . sqlesc($commentpm);
			$updateset[] = "notifs = ".sqlesc($notifs);
			$updateset[] = "privacy = ".sqlesc($privacy);
			$updateset[] = "gender = ".sqlesc($gender);
            $updateset[] = "zodiactype = " . sqlesc($zodiactype);
            $updateset[] = "zodiac = " . sqlesc($zodiac); 
            $icq = unesc($_POST["icq"]);
if (strlen($icq) > 10)
    show_error_msg(""._ERROR_."", "".CONTACT_ICQ." ".CONTACT_ERROR."");
$updateset[] = "icq = " . sqlesc($icq);

$msn = unesc($_POST["msn"]);
if (strlen($msn) > 30)
    show_error_msg(""._ERROR_."", "".CONTACT_MSN." ".CONTACT_ERROR."");
$updateset[] = "msn = " . sqlesc($msn);

$aim = unesc($_POST["aim"]);
if (strlen($aim) > 30)
    show_error_msg(""._ERROR_."", "".CONTACT_AIM." ".CONTACT_ERROR."");
$updateset[] = "aim = " . sqlesc($aim);

$yahoo = unesc($_POST["yahoo"]);
if (strlen($yahoo) > 30)
    show_error_msg(""._ERROR_."", "".CONTACT_YAHOO." ".CONTACT_ERROR."");
$updateset[] = "yahoo = " . sqlesc($yahoo);

$skype = unesc($_POST["skype"]);
if (strlen($skype) > 20)
    show_error_msg(""._ERROR_."", "".CONTACT_SKYPE." ".CONTACT_ERROR."");
$updateset[] = "skype = " . sqlesc($skype);
			$updateset[] = "client = ".sqlesc($client);
			$updateset[] = "avatar = " . sqlesc($avatar);
			$updateset[] = "signature = ".sqlesc($signature);
			$updateset[] = "title = ".sqlesc($title);
			$updateset[] = "tzoffset = $timezone";



		  /* ****** */

		  if (!$message) {

			if ($changedemail) {
				$sec = mksecret();
				$hash = md5($sec . $email . $sec);
				$obemail = rawurlencode($email);
				$updateset[] = "editsecret = " . sqlesc($sec);
				$thishost = $_SERVER["HTTP_HOST"];
				$thisdomain = preg_replace('/^www\./is', "", $thishost);
$body = <<<EOD
You have requested that your user profile (username {$CURUSER["username"]})
on {$site_config["SITEURL"]} should be updated with this email address ($email) as
user contact.

If you did not do this, please ignore this email. The person who entered your
email address had the IP address {$_SERVER["REMOTE_ADDR"]}. Please do not reply.

To complete the update of your user profile, please follow this link:

{$site_config["SITEURL"]}/account-ce.php?id={$CURUSER["id"]}&secret=$hash&email=$obemail

Your new email address will appear in your profile after you do this. Otherwise
your profile will remain unchanged.
EOD;

mail($email, "".$site_config["SITENAME"]." ".CHANGE_EMAIL."", $body, "".FROM.": ".$site_config["SITEEMAIL"]."", "".$site_config["SITEEMAIL"]."");
				$mailsent = 1;
			} //changedemail

			mysql_query("UPDATE users SET " . implode(",", $updateset) . " WHERE id = " . $CURUSER["id"]."") or die(mysql_error());
			$edited=1;
			if ($changedemail) {
            autolink("account.php", "".CHANGE_EMAIL_CONFIRM."");
             stdfoot(); 
			} else{
            autolink("account.php", "".ACCOUNT_UPDATE."");
            stdfoot();   
            }
		  }else{
			show_error_msg(""._ERROR_."", "".$message."");
		  }// message
	}// end do

}//end action

if ($action=="changepw"){

	if ($do=="newpassword"){
		if ($chpassword != "") {
					$res = mysql_query("SELECT id, password, secret, enabled FROM users WHERE id = " . $CURUSER["id"] . " AND status = 'confirmed'");
					$row = mysql_fetch_array($res);

					if (strlen($chpassword) < 6)
						$message = "" . PASS_TOO_SHORT . "";
					if ($chpassword != $passagain)
						$message = "" . PASSWORDS_NOT_MATCH . "";
					$chpassword = md5($chpassword);
		}

		if ((!$chpassword) || (!$passagain))
			$message = "".BLANK_FIELDS."!";

		begin_frame();
		navmenu();

		if (!$message){
			mysql_query("UPDATE users SET password = " . sqlesc($chpassword) . "  WHERE id = " . $CURUSER["id"]."") or die(mysql_error());
			echo "<br><br><center><b>".CHANGE_PASS_YES."</b></center>";
			logoutcookie();
		}else{
			echo "<br><br><B><CENTER>".$message."</CENTER></B><br><br>";
		}

		
		end_frame();
		stdfoot();
		die();
	}//do
	
	begin_frame("" . CHANGE_YOUR_PASS . ""); 
	navmenu();
	?>
	<form method=post action=account.php>
	<input type='hidden' name='action' value='changepw'>
	<input type='hidden' name='do' value='newpassword'>
	<table class='tablebg' border="0" cellspacing="0" cellpadding="0" align="center" width="60%">
    <tr><td class='rowtabhead' colspan="2" align="center"><? echo "" . CHANGE_YOUR_PASS . "";?></td></tr>  
	<?
	print("<tr><td align=right class=row1>" . NEW_PASSWORD . ":</td><td class=row2 align=left><input type=\"password\" name=\"chpassword\" size=\"38\" /><td>");
	print("<tr><td align=right class=row1>" . REPEAT . ":</B></td><td class=row2 align=left><input type=\"password\" name=\"passagain\" size=\"38\" /></td>");
	?>
	<tr><td class='rowEnd' colspan="2" align="center"><input type="submit" value="<? echo "" . SUBMIT . "";?>"> <input type="reset" value="<? echo "" . REVERT . "";?>"></td></tr>
	</table></form>
	<?
	end_frame();
}



stdfoot();
?>
Return current item: H-tracker