<?php
/*
Purpose: User Profile

$Header: /cvsroot/myorgbook/unstable/profile.php,v 1.16 2003/10/19 14:24:41 mik3 Exp $
$Log: profile.php,v $
Revision 1.16  2003/10/19 14:24:41  mik3
Timezone stuff

Revision 1.15  2003/10/17 19:12:20  mik3
Timezone stuff works

Revision 1.14  2003/10/04 19:01:55  mik3
Made the time format a user's choice (24h / am/pm)

Revision 1.13  2003/08/17 18:35:53  mik3
Added syntax check and MX check on e-mail change

Revision 1.12  2003/08/16 15:03:08  mik3
Removed obsolete code

Revision 1.11  2003/08/11 18:30:58  mik3
made mail both text and html

Revision 1.10  2003/08/11 16:20:54  mik3
Changed the way feedback behaves

Revision 1.9  2003/08/02 13:44:38  mik3
Layout changes, language changes, theme support changes. Iow version 2.5

Revision 1.8  2003/06/20 22:04:22  mik3
Changed how language works, fixed bugs, made small other enhancements.......

*/

include ('inc/session.inc');
include ('inc/functions.inc');
include ('inc/template.inc');


// Time-settings page: rendered when the request asks for Action=time_view, then the script stops.
if (isset($_REQUEST['Action']) && $_REQUEST['Action'] == "time_view") {
	// Bind the theme's template files to the handles used below.
	$MyPage = new Template("Templates/$Theme/");
	$MyPage->set_file(array(
		"MyHeaderHandle" => "header.tpl",
		"MyFileHandle" => "profile_time.tpl",
		"MyError" => "error.tpl",
		"MyInfo" => "info.tpl",
	));

	// Optional error / info banners.
	// NOTE(review): $Error and $Info are not assigned in this file; the redirects in this file hand them
	// over as Error= / Info= query parameters, so they are presumably request-derived. Confirm they are
	// HTML-escaped before they reach the template, otherwise request text is echoed into the page as markup.
	if ("" != $Error) {
		$MyPage->set_var("error_text", $Error);
		$MyPage->parse("Error_Element", "MyError");
	}
	if ("" != $Info) {
		$MyPage->set_var("info_text", $Info);
		$MyPage->parse("Info_Element", "MyInfo");
	}

	// Shared header variables, then the header itself.
	include ('inc/Templateheader.inc');
	$MyPage->parse("header", "MyHeaderHandle", true);

	// Each label placeholder carries the same text as its msg() key.
	foreach (array('Update My Profile', 'User settings', 'Back', 'Time format:', 'Time zone:', 'Update') as $Label) {
		$MyPage->set_var($Label, msg($Label));
	}
	$MyPage->set_var("NegLang", $_SESSION["Language"]);

	// Pre-select the stored choices: the session values become part of the placeholder name.
	// NOTE(review): the time_update handler in this file copies both session values from the request,
	// so these names are only as constrained as that handler makes them.
	$MyPage->set_var("Select_TF_" . $_SESSION["TimeFormat"], "SELECTED");
	$MyPage->set_var("Select_" . $_SESSION["TimeZone"], "SELECTED");
	$MyPage->set_var("Adjust tasks to same time in new TZ?", msg('Adjust tasks to same time in new TZ?'));

	// Emit the finished page and end the request.
	$MyPage->pparse("output", "MyFileHandle");
	exit;
}

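// Time update: store the chosen time format / time zone and, on request, shift the user's tasks
// by the difference between the old and the new zone. Always ends in a redirect.
if (isset($_REQUEST['Action']) && ($_REQUEST['Action']=="time_update")) {
	// NOTE(review): this handler changes stored data on any request method ($_REQUEST) and checks no
	// anti-CSRF token in this block; confirm inc/session.inc covers that, or restrict it to POST with a token.

	// Request values are untrusted: accept plain strings only (an array parameter becomes '').
	$NewTimeFormat = (isset($_REQUEST['Time_Format']) && is_string($_REQUEST['Time_Format'])) ? $_REQUEST['Time_Format'] : '';
	$NewTimeZone = (isset($_REQUEST['timezone']) && is_string($_REQUEST['timezone'])) ? $_REQUEST['timezone'] : '';
	// NOTE(review): the arithmetic below assumes a sign followed by HHMM ("+0100" is a constructed example).
	// An allow-list of the values offered by profile_time.tpl would be stricter than quoting alone.

	// Quote every value through the database driver instead of concatenating it raw into the statement
	// (the original interpolated both request fields directly, which allowed SQL injection).
	$SqlEmail = $db->qstr($_SESSION['Email']);
	$query = "UPDATE myorgbook_users SET TimeFormat = " . $db->qstr($NewTimeFormat, get_magic_quotes_gpc())
		. ", TimeZone = " . $db->qstr($NewTimeZone, get_magic_quotes_gpc())
		. " WHERE uemail = " . $SqlEmail;
	$result = $db->Execute($query);
	if ($result == false) die(msg('Query Failed'));

	// Checking if tasks should be updated ('adjust' may be absent when the box is not ticked).
	$AdjustTasks = isset($_REQUEST['adjust']) && ($_REQUEST['adjust'] == "yes");
	if ($AdjustTasks && ($_SESSION["TimeZone"] != $NewTimeZone)) {
		// Hours: the zone value divided by 100, rounded. Minutes: sign character plus the last two digits.
		// The integer casts keep malformed input from reaching the SQL text as anything but a number.
		$diff_hours = round((int) $_SESSION["TimeZone"] / 100) - round((int) $NewTimeZone / 100);
		$diff_m1 = (int) (substr($_SESSION["TimeZone"], 0, 1) . substr($_SESSION["TimeZone"], 3, 2));
		$diff_m2 = (int) (substr($NewTimeZone, 0, 1) . substr($NewTimeZone, 3, 2));
		$diff_minutes = $diff_m1 - $diff_m2;
		$diff = (int) (($diff_hours * 3600) + ($diff_minutes * 60));

		$query = "UPDATE myorgbook_tasks SET date = date + $diff WHERE uemail = " . $SqlEmail;
		$result = $db->Execute($query);
		if ($result == false) die(msg('Query Failed'));
		// reminder_date of -1 is left untouched, as in the original statement.
		$query = "UPDATE myorgbook_tasks SET reminder_date = reminder_date + $diff WHERE uemail = " . $SqlEmail . " AND reminder_date != -1";
		$result = $db->Execute($query);
		if ($result == false) die(msg('Query Failed'));
	}

	// update in memory
	$_SESSION["TimeFormat"] = $NewTimeFormat;
	$_SESSION["TimeZone"] = $NewTimeZone;

	// Output success. The message is URL-encoded so spaces and translated characters survive the redirect.
	// NOTE(review): SERVER_NAME can follow the client-supplied Host header depending on web-server
	// configuration; a configured base URL would be a safer source for the redirect target.
	header("Location: http://".$_SERVER['SERVER_NAME']."/".substr($_SERVER['PHP_SELF'], 1, strrpos($_SERVER['PHP_SELF'],"/")) . "profile.php?Action=time_view&Info=" . urlencode(msg('Your profile has been updated.')));
	exit;
}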


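// If updatebutton is pressed updating profile: saves the names, and when the e-mail address was
// changed, validates the new address and mails a confirmation link to the current one.
// Every path through this block ends in a redirect.
if (isset($_REQUEST['UProfile'])) {
	// Base URL of this script's directory, shared by the redirects and the confirmation link.
	// NOTE(review): SERVER_NAME can follow the client-supplied Host header depending on web-server
	// configuration. Because this value also ends up in a mailed link, a configured base URL is safer.
	$ProfileBaseURL = "http://".$_SERVER['SERVER_NAME']."/".substr($_SERVER['PHP_SELF'], 1, strrpos($_SERVER['PHP_SELF'],"/"));
	$SqlEmail = $db->qstr($_SESSION['Email']);
	// Accept a plain string only; a missing or array-valued field fails the syntax check below.
	$NewEmail = (isset($_REQUEST['e-mail_address']) && is_string($_REQUEST['e-mail_address'])) ? $_REQUEST['e-mail_address'] : '';

	// Setting the long query, making sure no HTML and to get quotes right
	$query = "UPDATE myorgbook_users SET
	user_lname  	= " . $db->qstr(StripHTML($_REQUEST['user_lname']),get_magic_quotes_gpc()) . ",
	user_fname  	= " . $db->qstr(StripHTML($_REQUEST['user_cfname']),get_magic_quotes_gpc()) . " 
	WHERE uemail 	= " . $SqlEmail;
	$result = $db->Execute($query);
	if ($result == false) die(msg('Query Failed'));

	if ($NewEmail != $_SESSION['Email']) {
		// Check new e-mail addy syntax. preg_match replaces eregi (removed from PHP, and the ereg family
		// stops at a NUL byte so it could validate only a prefix); D makes $ match only at the very end.
		if (!preg_match('/^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,6}$/iD', $NewEmail)) {
			header("Location: " . $ProfileBaseURL . "profile.php?Error=" . urlencode(msg('Invalid Email Address. Please Try Again.')));
			exit;
		}

		// Check for MX records and/or hostname. The original read $_REQUEST['uemail'] here, a field the
		// rest of this handler never uses, so the lookup did not test the address being validated.
		$emailcheck = explode('@', $NewEmail);
		$mailhost = $emailcheck[1] . ".";
		// The original comment says the check "automagically succeeds" on Windows, yet its condition
		// rejected every address there; the DNS lookup is now skipped on Windows to match that intent.
		$OnWindows = (substr(php_uname(), 0, 7) == "Windows");
		if (!$OnWindows && getmxrr($mailhost, $mxhosts) == FALSE && gethostbyname($mailhost) == $mailhost) {
			header("Location: " . $ProfileBaseURL . "profile.php?Error=" . urlencode(msg('Invalid Email Address. Please Try Again.')));
			exit;
		}

		// check if e-mail address is already in use (value quoted by the driver, not concatenated raw)
		$result = $db->Execute("SELECT * FROM myorgbook_users WHERE uemail = " . $db->qstr($NewEmail));
		if ($result === false) die(msg('Query Failed'));
		if ($result->RecordCount() != 0) {
			header("Location: " . $ProfileBaseURL . "profile.php?Error=" . urlencode(msg('Username already exists please try another username')));
			exit;
		}

		// Stamp the account with the current time and use that stamp as the confirmation id.
		// NOTE(review): the id is the Unix timestamp of the request, not a random value; presumably
		// ChangeEmail.php compares it with last_login. A token from a cryptographic random source,
		// stored in its own column with an expiry, would make the link unguessable.
		$Timestamp = strtotime ("now");
		$result = $db->Execute("UPDATE myorgbook_users SET last_login = '$Timestamp' where uemail = " . $SqlEmail);
		if ($result == false) die(msg('Query Failed'));

		// Query-string values are URL-encoded so addresses cannot break out of their parameter.
		$ChangeURL = $ProfileBaseURL . "ChangeEmail.php?id=" . $Timestamp . "&old=true&mail_old=" . urlencode($_SESSION['Email']) . "&mail_new=" . urlencode($NewEmail) . "&Lang=" . urlencode($_SESSION['Language']);

		// send e-mail (to the current address; the link is HTML-escaped inside the href attribute)
		include ('mail/htmlMimeMail.php');
		$mail = new htmlMimeMail();
		$HTMLBody = "<a href='" . htmlspecialchars($ChangeURL, ENT_QUOTES) . "'>" . msg('Myorgbook request: Email change') . "</a><br><br>" . nl2br(msg("Above URL will confirm the email change.\n\nRegards,\n\n")) . $MyName;
		$TextBody = msg('Myorgbook request: Email change') . "\n$ChangeURL\n\n" . msg("Above URL will confirm the email change.\n\nRegards,\n\n") . $MyName;
		$mail->setHTML($HTMLBody,$TextBody);
		$mail->setSubject(msg('Myorgbook request: Email change'));
		$mail->setFrom($MyName . '<' . $MyEmail . '>');
		$result = $mail->send(array($_SESSION['Email']));

		if ($result) {
			header("Location: " . $ProfileBaseURL . "profile.php?Info=" . urlencode(msg('The confirmation e-mail has been sent')));
			exit;
		}
		// NOTE(review): when sending fails the code falls through to the generic success message below
		// (original behaviour kept), so the user gets no hint that no confirmation mail went out.
	}

	// Giving a success message
	header("Location: " . $ProfileBaseURL . "profile.php?Info=" . urlencode(msg('Your profile has been updated.')));
	exit;
}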

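// If password button is pressed updating password: the current password must match the stored
// hash and the two new-password fields must be identical. Every path ends in a redirect.
if (isset($_REQUEST['UPass']))	{
	$ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
	// NOTE(review): SERVER_NAME can follow the client-supplied Host header depending on web-server
	// configuration; a configured base URL would be a safer source for the redirect target.
	$ProfileURL = "http://".$_SERVER['SERVER_NAME']."/".substr($_SERVER['PHP_SELF'], 1, strrpos($_SERVER['PHP_SELF'],"/")) . "profile.php";
	$SqlEmail = $db->qstr($_SESSION['Email']);

	// Accept plain strings only; a missing or array-valued field is treated as an empty password.
	$GivenPassword = (isset($_REQUEST['password']) && is_string($_REQUEST['password'])) ? $_REQUEST['password'] : '';
	$NewPassword = (isset($_REQUEST['npassword']) && is_string($_REQUEST['npassword'])) ? $_REQUEST['npassword'] : '';
	$VerifyPassword = (isset($_REQUEST['vpassword']) && is_string($_REQUEST['vpassword'])) ? $_REQUEST['vpassword'] : '';

	// retrieving password to compare
	$result = $db->Execute("SELECT password FROM myorgbook_users WHERE uemail = " . $SqlEmail);
	if ($result == false) die(msg('Query Failed'));
	$r = $result->fields;
	$currentpassword = $r["password"];
	// NOTE(review): passwords are stored as unsalted MD5, which is unsuitable for password storage.
	// The scheme is kept here because the login code (not in this file) must agree with it; moving to
	// password_hash()/password_verify() needs a coordinated change and a rehash on next login.
	$MD5Password = md5($GivenPassword);

	// Strict comparison: loose == compares numeric-looking strings as numbers, so two different
	// digests could be judged equal.
	if ((string) $currentpassword !== $MD5Password) {
		// Giving an error back that the current password isn't correct
		header("Location: " . $ProfileURL . "?Error=" . urlencode(msg('Current Password is Incorrect. Please Retry.')));
		exit;
	}

	// comparing new passwords (strict, for the same reason as above)
	if ($VerifyPassword !== $NewPassword) {
		// Giving an error back that the 2 passwords don't match
		header("Location: " . $ProfileURL . "?Error=" . urlencode(msg('Passwords Do Not Match. Please Retry.')));
		exit;
	}
	// NOTE(review): an empty new password is accepted, as in the original; no minimum is enforced here.

	// Hashing the new password and putting it in the database
	$MD5Password = md5($VerifyPassword);
	$result = $db->Execute("UPDATE myorgbook_users SET password = " . $db->qstr($MD5Password) . " WHERE uemail = " . $SqlEmail);
	if ($result == false) die(msg('Query Failed'));

	// Giving a success message (URL-encoded so the text survives the redirect intact)
	header("Location: " . $ProfileURL . "?Info=" . urlencode(msg('Your password has been updated. Remember to use it at next logon.')));
	exit;
}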

// Default view: load the signed-in user's row and render the profile form.
// NOTE(review): the session e-mail is concatenated into the statement; the update handler in this
// file quotes request values with $db->qstr(), and doing the same here would be consistent.
$result = $db->Execute("SELECT * FROM myorgbook_users WHERE uemail = '". $_SESSION['Email'] . "'");
if ($result == false) {
	die(msg('Query Failed'));
}
$r = $result->fields;
$user_fname = $r["user_fname"];
$user_lname = $r["user_lname"];

// Bind the theme's template files to the handles used below.
$MyPage = new Template("Templates/$Theme/");
$MyPage->set_file(array(
	"MyHeaderHandle" => "header.tpl",
	"MyFileHandle" => "profile.tpl",
	"MyError" => "error.tpl",
	"MyInfo" => "info.tpl",
));

// Optional error / info banners.
// NOTE(review): $Error and $Info are not assigned in this file; the redirects in this file hand them
// over as Error= / Info= query parameters, so they are presumably request-derived. Confirm they are
// HTML-escaped before they reach the template, otherwise request text is echoed into the page as markup.
if ("" != $Error) {
	$MyPage->set_var("error_text", $Error);
	$MyPage->parse("Error_Element", "MyError");
}
if ("" != $Info) {
	$MyPage->set_var("info_text", $Info);
	$MyPage->parse("Info_Element", "MyInfo");
}

// Shared header variables, then the header itself.
include ('inc/Templateheader.inc');
$MyPage->parse("header", "MyHeaderHandle", true);

// Each label placeholder carries the same text as its msg() key.
foreach (array(
	'Update My Profile',
	'First Name:',
	'Last Name:',
	'Email:',
	'Back',
	'Change Password',
	'Current Password:',
	'New Password:',
	'Verify New Password:',
	'Time settings',
) as $Label) {
	$MyPage->set_var($Label, msg($Label));
}

// Stored values that pre-fill the form.
// NOTE(review): these are inserted as-is; whether profile.tpl places them inside attributes is not
// visible here, so confirm they are escaped for the context in which the template emits them.
$MyPage->set_var("e-mail_address", $_SESSION['Email']);
$MyPage->set_var("user_fname", $user_fname);
$MyPage->set_var("user_lname", $user_lname);
$MyPage->set_var("NegLang", $_SESSION["Language"]);

// Emit the finished page.
$MyPage->pparse("output", "MyFileHandle");
?>