<?php session_start();
/* * ********************************************************************
* Copyright notice PHP Blogger 1.2.
*
* (c) 2011 Predrag Rukavina - admin[at]phpblogger[dot]org
* All rights reserved
*
* This script is part of the PHP Blogger project.
* The PHP Blogger project is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301, USA.
*
* This copyright notice MUST appear in all copies of the script!
* ********************************************************************** */
// Site configuration (DB connection, $themes, $sitepath, ...), UI strings,
// the per-install $salt and the session-hardening helper.
include ('settings.php');
require_once ('languages/lang_english.php');
require_once ('salt.php');
require_once ('classes/securesession.class.php');

// Options consumed by SecSession::Check(). By their names they appear to bind
// the session to the browser and to the first two IP blocks, mix $salt into the
// fingerprint and rotate the session id -- confirm in securesession.class.php.
$ss = new SecSession();
$ss->check_browser = true;
$ss->check_ip_blocks = 2;
$ss->secure_word = $salt;
$ss->regenerate_id = true;

// Everything below this point is for authenticated users only: a failed
// fingerprint check or a missing/false 'loggedin' flag shows the login form
// and ends the request.
$fingerprintOk = $ss->Check();
$loggedIn = isset($_SESSION['loggedin']) && $_SESSION['loggedin'];
if (!$fingerprintOk || !$loggedIn) {
    include ('form.php');
    exit;
}
?>
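<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="stylesheet" type="text/css" href="themes/classic/styles/style.css" />
<link href="themes/<?php echo htmlspecialchars((string) $themes, ENT_QUOTES, 'UTF-8'); ?>/styles/images/favicon.ico" type="image/x-icon" rel="shortcut icon" />
<title><?php echo $lang['USERPANEL'] ?></title>
</head>
<body>
<div id="wrapper">
<div class="headers">
<div class="headerin">
<div id="menu">
<?php /* Configuration values are written into attributes, so they are attribute-escaped. */ ?>
<li><a href="<?php echo htmlspecialchars((string) $sitepath, ENT_QUOTES, 'UTF-8'); ?>"><img id="logo" src="themes/<?php echo htmlspecialchars((string) $themes, ENT_QUOTES, 'UTF-8'); ?>/styles/images/logo.png" width="215px" height="35px" border="0" title="<?php echo htmlspecialchars((string) $sitetitle, ENT_QUOTES, 'UTF-8'); ?>" alt="<?php echo htmlspecialchars((string) $sitetitle, ENT_QUOTES, 'UTF-8'); ?>" /></a></li>
</div>
<div class="headerinfo">
<li class="float">
<?php
// The display name is taken from the session (presumably the account's own
// username, i.e. user-supplied data); escape it so a crafted name cannot
// inject markup into the page header.
$displayName = isset($_SESSION['INC_USER_NAME']) ? (string) $_SESSION['INC_USER_NAME'] : '';
echo $lang['LOGEDAS'];
?> <?php echo htmlspecialchars($displayName, ENT_QUOTES, 'UTF-8'); ?>. <a href="signout.php"><?php echo $lang['LINKOUT'] ?></a>
</li>
<li style="float:right">
</li>
</div>
</div>
</div>
<div id="main">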
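<?php
// Id of the logged-in user, placed in the session elsewhere (login); null when
// the key is missing instead of an @-suppressed notice.
$shouter = isset($_SESSION['INC_USER_ID']) ? $_SESSION['INC_USER_ID'] : null;

// Load the caller's own row so the form can be applied to it. $conn is an
// ADOdb-style connection (Execute/Prepare/ErrorMsg) presumably created in
// settings.php; the `?` placeholder keeps $shouter out of the SQL text.
// The original assigned the result by reference (`= &$conn->Execute(...)`),
// which only raises "Only variables should be assigned by reference" and has
// no effect on an object, so the `&` is dropped.
$arecordSet = $conn->Execute('SELECT * FROM users WHERE usid = ? LIMIT 1', array($shouter));
if (!$arecordSet) {
    // NOTE(review): this writes the driver's error text straight into the page;
    // consider logging it and printing a generic message instead.
    print $conn->ErrorMsg();
} else {
    // LIMIT 1 means at most one iteration; the column values are kept in the
    // same page-level variables the rest of this script (and static.php) may use.
    while (!$arecordSet->EOF) {
        $kori = $arecordSet->fields['usid'];
        $usercc = $arecordSet->fields['username'];
        $thumbs = $arecordSet->fields['thumbs'];
        $eeuser = $arecordSet->fields['email'];
        $cpriv = $arecordSet->fields['privilege'];
        $cdate = $arecordSet->fields['date'];
        $lastime = $arecordSet->fields['lastime'];
        $cfullname = $arecordSet->fields['fullname'];
        $chomep = $arecordSet->fields['homep'];
        $cbiosi = $arecordSet->fields['biosi'];
        $cthumbs = $arecordSet->fields['thumbs'];
        $arecordSet->MoveNext();
    }
}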
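/**
 * Read one field from the POST body.
 *
 * @param string $key   POST field name
 * @param bool   $strip when true, undo magic_quotes_gpc escaping with stripslashes()
 * @return mixed the submitted value, or null when the field was not sent at all
 *               (unchecked checkboxes, stripped-down requests); stripslashes() is
 *               applied to strings only, other values are returned as received.
 */
function userset_post_field($key, $strip) {
    if (!isset($_POST[$key])) {
        return null;
    }
    $value = $_POST[$key];
    if ($strip && is_string($value)) {
        return stripslashes($value);
    }
    return $value;
}

// magic_quotes_gpc added backslashes to all request data on old PHP builds;
// undo that so the values stored below are the real text. The function itself
// no longer exists on PHP 8, hence the function_exists() guard.
$stripQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
$fullname     = userset_post_field('fullname', $stripQuotes);
$homep        = userset_post_field('homep', $stripQuotes);
$biosi        = userset_post_field('biosi', $stripQuotes);
$newsletter   = userset_post_field('newsletter', $stripQuotes);
$notification = userset_post_field('notification', $stripQuotes);
$birthday     = userset_post_field('birthday', $stripQuotes);
$gender       = userset_post_field('gender', $stripQuotes);
$location     = userset_post_field('location', $stripQuotes);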
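// 'coption' is the form's "replace avatar" flag; it decides below whether the
// uploaded image is stored into the user's row. Read it before it is tested:
// the original checked $coption one statement before assigning it, so the
// branch below never saw the posted value.
$coption = isset($_POST['coption']) ? $_POST['coption'] : null;
if ($coption == 1) {
    // Paths of the avatar currently on record ($thumbs from the SELECT above).
    // Removing the old files is deliberately disabled (commented unlink calls);
    // if it is ever re-enabled, skip the shared default "noavatar.png" -- it is
    // the value stored for users without an upload and would be deleted for all.
    $file  = "uploads/" . $thumbs;
    $file1 = "maxthumb/" . $thumbs;
    $file2 = "minthumb/" . $thumbs;
    //@unlink($file);
    //@unlink($file1);
    //@unlink($file2);
}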
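/**
 * Return the first forbidden character found in a submitted value, or null.
 *
 * Profile fields may not contain '%', ';', '<' or '[' -- tested in that order
 * so the character reported matches the original per-field checks. Values that
 * are not strings (null for fields that were not sent, arrays) never match.
 *
 * This is a blacklist, not a substitute for escaping: the UPDATE below is
 * parameterised, and anything echoed back into HTML must still go through
 * htmlspecialchars() in the page that renders it.
 *
 * @param mixed $value submitted field value
 * @return string|null the offending character, or null when the value is clean
 */
function userset_forbidden_char($value) {
    if (!is_string($value)) {
        return null;
    }
    foreach (array('%', ';', '<', '[') as $ch) {
        if (strpos($value, $ch) !== false) {
            return $ch;
        }
    }
    return null;
}

// Reject the whole submission on the first field that contains a forbidden
// character; the </div> closes the #main container opened above.
$fields = array($fullname, $homep, $biosi, $newsletter, $notification, $birthday, $gender, $location);
foreach ($fields as $value) {
    $bad = userset_forbidden_char($value);
    if ($bad !== null) {
        echo "$lang[NOTVALID] '$bad'</div>";
        include ('static.php');
        die();
    }
}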
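// Home page is optional; when given it must start with http(s):// followed by
// at least "host.tld".
if (isset($homep) && strlen($homep) > 0) {
    if (!preg_match("/^(https?:\/\/+[\w\-]+\.[\w\-]+)/i", $homep)) {
        echo "<center>$lang[VIDOERR1] <a href=\"javascript:history.go(-1)\">$lang[GOBACK]</a></center></div>";
        // Every other early exit on this page closes with static.php; the
        // original called $smarty->display('footer.php') here, but no $smarty
        // object is created anywhere in this file, which would turn a bad URL
        // into a fatal error instead of an error message.
        include ('static.php');
        die();
    }
}

// Length limits, in bytes (strlen), in the order the original checked them.
// The message now reports the limit actually enforced (the original said
// "100" for the 80- and 78-byte fields). Labels reuse LINKFULL for location
// and birthday as in the original -- verify against the language file.
$lengthLimits = array(
    array($biosi,    800, $lang['LINKABOUT']),
    array($fullname,  80, $lang['LINKFULL']),
    array($location,  78, $lang['LINKFULL']),
    array($birthday,  80, $lang['LINKFULL']),
);
foreach ($lengthLimits as $entry) {
    list($value, $max, $label) = $entry;
    if (strlen((string) $value) > $max) {
        echo "$lang[MAXCHAR] ($label): $max <a href='javascript:history.go(-1)'>$lang[GOBACK]</a></div>";
        include ('static.php');
        die();
    }
}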
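/**
 * ccthumb() -- write a centre-cropped JPEG thumbnail of $imgSrc to $filename.
 *
 * The source is scaled so that its shorter side fills the requested box and
 * the overflow of the longer side is cropped symmetrically.
 *
 * @param string $imgSrc           path of the source image on disk
 * @param string $filename         destination path of the thumbnail (JPEG, quality 100)
 * @param int    $thumbnail_width  target width in pixels
 * @param int    $thumbnail_height target height in pixels
 * @return resource|GdImage the thumbnail image handle (callers here discard it)
 *
 * Ends the request (as the original did) when the source exceeds 1280x1280 or
 * is not decodable JPEG data.
 */
function ccthumb($imgSrc, $filename, $thumbnail_width, $thumbnail_height) {
    $info = getimagesize($imgSrc);
    if ($info === false || $info[0] <= 0 || $info[1] <= 0) {
        // Not an image: the original went on to divide by a zero/null height here.
        die("wrong file");
    }
    list($width_orig, $height_orig) = $info;
    if ($width_orig > 1280 || $height_orig > 1280) {
        echo "<br />Maximum width and height exceeded. Please upload images below 1280 x 1280 px size</div>";
        exit();
    }
    // Decode only what getimagesize() detected as JPEG, not what the file name
    // claims. (The original's `@$cimage = imagecreatefromjpeg($imgSrc) == true`
    // stored the comparison result in $cimage -- `==` binds tighter than `=` --
    // and then decoded the file a second time.)
    if ($info[2] !== IMAGETYPE_JPEG) {
        die("wrong file");
    }
    $cimage = @imagecreatefromjpeg($imgSrc);
    if ($cimage === false) {
        die("wrong file");
    }

    $ratio_orig = $width_orig / $height_orig;
    if ($thumbnail_width / $thumbnail_height > $ratio_orig) {
        $new_height = $thumbnail_width / $ratio_orig;
        $new_width = $thumbnail_width;
    } else {
        $new_width = $thumbnail_height * $ratio_orig;
        $new_height = $thumbnail_height;
    }
    $x_mid = $new_width / 2;  // horizontal middle of the scaled image
    $y_mid = $new_height / 2; // vertical middle of the scaled image

    // GD takes integer pixel counts; the explicit (int) casts truncate the same
    // way the implicit float-to-int conversion did, without the PHP 8.1 notice.
    $process = imagecreatetruecolor((int) round($new_width), (int) round($new_height));
    imagecopyresampled($process, $cimage, 0, 0, 0, 0,
        (int) $new_width, (int) $new_height, $width_orig, $height_orig);
    $thumb = imagecreatetruecolor($thumbnail_width, $thumbnail_height);
    imagecopyresampled($thumb, $process, 0, 0,
        (int) ($x_mid - ($thumbnail_width / 2)), (int) ($y_mid - ($thumbnail_height / 2)),
        $thumbnail_width, $thumbnail_height, $thumbnail_width, $thumbnail_height);
    imagejpeg($thumb, $filename, 100);
    imagedestroy($process);
    imagedestroy($cimage);
    return $thumb;
}

// Avatar upload. Without a file the default picture is recorded.
if (!isset($_FILES['image']) || $_FILES['image']['name'] == "") {
    $new_image = "noavatar.png";
} else {
    if ($_FILES['image']['error'] !== UPLOAD_ERR_OK) {
        die('Upload failed (error code ' . (int) $_FILES['image']['error'] . ')');
    }
    $current_image = $_FILES['image']['name'];
    // Extension from the client-supplied name, lower-cased so ".JPG" is accepted
    // too; the name is only used to build the stored file name.
    $extension = strtolower(pathinfo($current_image, PATHINFO_EXTENSION));
    if ($extension !== "jpg" && $extension !== "jpeg") {
        die('Please Upload Valid .jpg or .jpeg File');
    }
    // Check the content before anything lands in uploads/: the original copied
    // the file first and only then let ccthumb() reject it, leaving a non-JPEG
    // file with a .jpg name on disk.
    $info = getimagesize($_FILES['image']['tmp_name']);
    if ($info === false || $info[2] !== IMAGETYPE_JPEG) {
        die('Please Upload Valid .jpg or .jpeg File');
    }
    // NOTE(review): 'f' is not a date() format character (it is emitted
    // literally) and 'h' is the 12-hour clock, so two uploads in the same
    // second, or 12 hours apart, get the same name and overwrite each other.
    $time = date("fYhis");
    $new_image = $time . "." . $extension;
    $destination = "uploads/" . $new_image;
    // move_uploaded_file() refuses anything that is not a genuine upload of this
    // request, where copy() would accept any readable path; the result was
    // previously stored in $action and never checked.
    if (!move_uploaded_file($_FILES['image']['tmp_name'], $destination)) {
        die('Could not store the uploaded file');
    }
    ccthumb($destination, 'maxthumb/' . $new_image, 225, 225);
    ccthumb($destination, 'midthumb/' . $new_image, 48, 48);
    ccthumb($destination, 'minthumb/' . $new_image, 24, 24);
}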
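// Persist the profile. Both statements are ADOdb prepared statements with `?`
// placeholders and are scoped to the caller's own row via $shouter (the id
// read from the session above), so a user can only update themselves.
if ($coption == 1) {
    // Avatar replaced: the new file name goes into 'thumbs' as well.
    $sql = $conn->Prepare('UPDATE users SET fullname = ?, homep = ?, biosi = ?, thumbs = ?, newsletter = ?, notification = ?, birthday = ?, gender = ?, location = ? WHERE usid = ?');
    $params = array($fullname, $homep, $biosi, $new_image, $newsletter, $notification, $birthday, $gender, $location, $shouter);
} else {
    $sql = $conn->Prepare('UPDATE users SET fullname = ?, homep = ?, biosi = ?, newsletter = ?, notification = ?, birthday = ?, gender = ?, location = ? WHERE usid = ?');
    $params = array($fullname, $homep, $biosi, $newsletter, $notification, $birthday, $gender, $location, $shouter);
}
$updated = $conn->Execute($sql, $params) !== false;
if (!$updated) {
    // NOTE(review): the driver error text is written into the page as the
    // original did; consider logging it and showing a generic message.
    print '<br /><div id="error">error inserting[1]: '.$conn->ErrorMsg().'</div><br />';
} else {
    // Only report success when the row was actually written (the original
    // printed the success line even after an error).
    if ($coption == 1) {
        // Keep the session's cached avatar name in step with the database.
        $_SESSION['INC_USER_THUMB'] = $new_image;
    }
    echo "<br />$lang[EDITSUCC] <a href=\"javascript:history.go(-1)\"> $lang[GOBACK]</a>";
}
// The connection is closed once, at the end of the page, after the record set.
?>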
</div>
</div>
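<?php
// Release the record set before the connection. $arecordSet is false when the
// SELECT above failed, in which case calling ->Close() on it would be fatal.
if ($arecordSet) {
    $arecordSet->Close();
}
$conn->Close();
?>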
</div>
<?php
// static.php closes the page; it is the same file every early exit above
// includes before die().
include 'static.php';
###############################
# userset.php version 1.1.6.#
###############################
?>