<?php

/**
* PHP versions 4 and 5
*
* LICENSE: This source file is subject to version 3.0 of the PHP license
* that is available through the world-wide-web at the following URI:
* http://www.php.net/license.  If you did not receive a copy of
* the PHP License and are unable to obtain it through the web, please
* send a note to hide@address.com so we can mail you a copy immediately.
*
* @package    QuickTalk
* @author     Philippe Vandenberghe <hide@address.com>
* @copyright  2008-2012 The PHP Group
* @version    2.5 build:20100923
*/

// Open the session and load the forum bootstrap; $oVIP is used right after the require,
// so it is expected to come from bin/qtf_init.php.
session_start();
require_once('bin/qtf_init.php');

// Viewers that fail the CanView('V4') check are handed to HtmlPage(11).
if ( !$oVIP->CanView('V4') )
{
  HtmlPage(11);
}

// Target user id. intval() forces an integer, which is what makes the later
// "WHERE id=".$id queries safe to build by concatenation. POST overrides GET.
$id = -1;
if ( isset($_GET['id']) )  { $id = intval($_GET['id']); }
if ( isset($_POST['id']) ) { $id = intval($_POST['id']); }

// Edit-mode flag, kept in the session. POST overrides GET.
if ( isset($_GET['edit']) )  { $_SESSION[QT]['editing'] = ($_GET['edit']=='1'); }
if ( isset($_POST['edit']) ) { $_SESSION[QT]['editing'] = ($_POST['edit']=='1'); }

// No id supplied (or a negative one): stop here.
if ( $id<0 )
{
  die('Wrong id');
}

// --------
// FUNCTION
// --------

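/**
 * Builds the "user is banned" notice printed under the profile picture.
 *
 * The notice is produced only when the role passed in is 'A' or 'M'.
 * Every other case returns an empty string; the original fell off the end
 * of the function there and returned NULL implicitly.
 *
 * @param string $strRole role used for the visibility check (the caller passes the viewer's role)
 * @param int    $intBan  ban value of the displayed user; below 1 means no notice.
 *                        1 is passed to LangS('Day',..) as is, higher values as ($intBan-1)*10.
 * @return string HTML paragraph, or '' when nothing must be shown
 */
function show_ban($strRole='V',$intBan=0)
{
  if ( $intBan<1 ) return '';
  if ( $strRole!='A' && $strRole!='M' ) return '';

  global $L;
  if ( $intBan>1 ) $intBan=($intBan-1)*10;
  return '<p class="small error">'.$L['Is_banned'].' '.strtolower(LangS('Day',$intBan)).' '.$L['Since'].' '.strtolower($L['Last_message']).'</p>';
}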

// --------
// INITIALISE
// --------
  
include('bin/qt_lib_smtp.php');
include(Translate('qtf_reg.php'));

// Edit right: the profile owner and staff may edit, but never the profile with id 0.
$bCanEdit = ( $oVIP->id==$id );
if ( $oVIP->IsStaff() ) { $bCanEdit = true; }
if ( $id==0 ) { $bCanEdit = false; }

// Edit mode stays on only when it was already set in the session AND editing is allowed.
if ( !( isset($_SESSION[QT]['editing']) && $bCanEdit ) )
{
  $_SESSION[QT]['editing'] = false;
}

$oVIP->selfurl = 'qtf_user.php';
$oVIP->selfname = $L['Profile'];

// MAP MODULE
// $bMap is assigned here only when the module is off; with the module on it is
// presumably set by qtfm_map_ini.php (not visible from this file).

if ( UseModule('map') )
{
  $bCheckList = false;
  include('qtfm_map_ini.php');
}
else
{
  $bMap = false;
}

// --------
// SUBMITTED
// --------

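// Profile save handler.
//
// Every value below comes from the request and is treated as untrusted:
// - the save is authorised on the server ($bCanEdit plus the staff restrictions),
//   because the form being hidden does not stop a direct POST with another id;
// - enumerated fields (privacy, child) are checked against their allowed values;
// - every string placed in the UPDATE is passed through addslashes(), the escaping
//   this file already uses for location and www;
// - request values echoed back in $error are HTML-escaped or rebuilt from integers.
//
// NOTE(review): no anti-CSRF token is visible in the edit form or checked here - confirm
// whether bin/qtf_init.php provides one; if not, this handler should require it.
// NOTE(review): addslashes() is not charset-aware; if $oDB offers parameterised queries or
// a driver-specific escape function, prefer it for the UPDATE below.

if ( isset($_POST['ok']) )
{
  // -- access control --

  if ( !$bCanEdit ) die('Access denied');

  // Role and name of the target user are read from the database, never from the form.
  $oDB->Query('SELECT role,name FROM '.TABUSER.' WHERE id='.$id);
  $rowTarget = $oDB->Getrow();
  if ( empty($rowTarget) ) die('Wrong id');

  // Same restrictions the page applies when it decides whether to show the edit form:
  // a moderator cannot edit another moderator, nor an administrator, unless configured.
  if ( $rowTarget['role']=='M' && $oVIP->role=='M' && !QTF_STAFFEDITSTAFF && $oVIP->id!=$id ) die('Access denied');
  if ( $rowTarget['role']=='A' && $oVIP->role=='M' && !QTF_STAFFEDITADMIN ) die('Access denied');

  // -- check form --

  $strMail = '';
  $strBirth = '0';
  $strChild = '0';
  $strParentmail = '';
  $strWww = '';
  $strPrivacy = '';

  $strLoca = ( isset($_POST['location']) && is_string($_POST['location']) ? trim($_POST['location']) : '' );
  // get_magic_quotes_gpc() no longer exists in recent PHP versions
  if ( function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() ) $strLoca = stripslashes($strLoca);
  $strLoca = QTconv($strLoca,'3',QTF_CONVERT_AMP);

  if ( empty($error) )
  {
    $strMail = ( isset($_POST['mail']) && is_string($_POST['mail']) ? trim($_POST['mail']) : '' );
    $strMail = str_replace(';',' ; ',$strMail);
    $strMail = str_replace('  ',' ',$strMail);
    // the rejected value is escaped because $error is printed inside the edit form
    if ( !empty($strMail) && !QTismail($strMail) ) $error=$L['Email'].S.htmlspecialchars($strMail,ENT_QUOTES).' '.$L['E_invalid'];
  }

  if ( empty($error) )
  {
    // year, month and day must all be given (the original tested birth_d twice and never birth_m)
    if ( empty($_POST['birth_y']) || empty($_POST['birth_m']) || empty($_POST['birth_d']) )
    {
      $strBirth = '0';
    }
    else
    {
      $intBirthY = intval($_POST['birth_y']);
      $intBirthM = intval($_POST['birth_m']);
      $intBirthD = intval($_POST['birth_d']);
      $i = $intBirthY*10000+$intBirthM*100+$intBirthD;
      // the message is rebuilt from the integer values, not from the raw request strings
      if ( !QTisvaliddate($i,true,false,false) ) $error = $L['Birthday'].' ('.$intBirthY.'-'.$intBirthM.'-'.$intBirthD.') '.$L['E_invalid'];
      $strBirth = $i;
    }
  }

  if ( empty($error) )
  {
    // The edit form offers the child status to administrators only, so it is accepted from
    // administrators only; for everyone else it stays '0', as when the field is absent.
    if ( $oVIP->role=='A' && isset($_POST['child']) && is_string($_POST['child']) ) $strChild = substr($_POST['child'],0,1);
    if ( !in_array($strChild,array('0','1','2'),true) ) $error='child status is invalid';
    if ( $id==1 && $strChild!='0' ) $error='user id[1] is admin and child status cannot be changed...';
    if ( $id==0 && $strChild!='0' ) $error='user id[0] is visitor and child status cannot be changed...';
  }

  if ( empty($error) )
  {
    // Same rule as the child status: administrators only.
    if ( $oVIP->role=='A' && isset($_POST['parentmail']) && is_string($_POST['parentmail']) ) $strParentmail = trim($_POST['parentmail']);
    if ( !empty($strParentmail) ) { if ( !QTismail($strParentmail) ) $error=$L['Parent_mail'].S.$L['E_invalid']; }
  }

  if ( empty($error) )
  {
    $strWww = QTconv( ( isset($_POST['www']) && is_string($_POST['www']) ? $_POST['www'] : '' ),'2');
    // The value is later printed inside href="...": accept only the http:// and https:// schemes.
    if ( !empty($strWww) && substr($strWww,0,7)!='http://' && substr($strWww,0,8)!='https://' ) $error=$L['Website'].S.$L['E_invalid'];
    if ( $strWww=='http://' || $strWww=='https://' ) $strWww='';
  }

  if ( empty($error) )
  {
    // privacy has three levels in the edit form: '0', '1' and '2'
    if ( isset($_POST['privacy']) && is_string($_POST['privacy']) ) $strPrivacy = $_POST['privacy'];
    if ( !in_array($strPrivacy,array('0','1','2'),true) ) $error=$L['Privacy'].S.$L['E_invalid'];
  }

  // Save

  if ( empty($error) )
  {
    $oDB->Query('UPDATE '.TABUSER.' SET birthday="'.intval($strBirth).'",location="'.addslashes($strLoca).'", mail="'.addslashes($strMail).'", www="'.addslashes($strWww).'", privacy="'.$strPrivacy.'", children="'.$strChild.'", parentmail="'.addslashes($strParentmail).'" WHERE id='.$id);
    if ( isset($_POST['coord']) )
    {
      if ( empty($_POST['coord']) )
      {
      QTgpointdelete(TABUSER,$id);
      }
      else
      {
      // NOTE(review): QTgety()/QTgetx() are assumed to return numeric values - confirm,
      // because their results are handed to QTgpoint() without further checks here.
      QTgpoint(TABUSER,$id,QTgety($_POST['coord']),QTgetx($_POST['coord']));
      }
    }

    // parent warning if coppa
    // The recipient is the validated address and the login comes from the database:
    // both used to be taken from the request, which let the sender choose them freely.

    if ( $strChild=='1' && $_SESSION[QT]['register_coppa']=='1' && !empty($strParentmail) )
    {
      $strSubject='Profile updated';
      $strMessage="Your children (login: %s) has modified his/her profile on the board {$_SESSION[QT]['site_name']}.";
      $strFile = GetLang().'mail_profile_coppa.php';
      if ( file_exists($strFile) ) include($strFile);
      $strMessage = sprintf($strMessage, QTconv($rowTarget['name'],'5'));
      QTmail($strParentmail,$strSubject,$strMessage,QTF_HTML_CHAR);
    }

    // exit

    $oVIP->exiturl = 'qtf_user.php?id='.$id;
    $oVIP->exitname = $L['Profile'];
    $oVIP->EndMessage(NULL,$L['S_save'],$_SESSION[QT]['skin_dir'],2);
  }
}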

// --------
// STATS AND USER
// --------

// COUNT TOPICS

// Topics started by the user. $id is an integer (intval() at the top of the script),
// so concatenating it into the queries below cannot change their structure.
$oDB->Query('SELECT count(id) as countid FROM '.TABTOPIC.' WHERE firstpostuser='.$id);
$row = $oDB->Getrow();
$counttopics = $row['countid'];

// COUNT MESSAGES

$oDB->Query('SELECT count(id) as countid FROM '.TABPOST.' WHERE userid='.$id);
$row = $oDB->Getrow();
$countmessages = $row['countid'];

// QUERY USER

$oDB->Query('SELECT * FROM '.TABUSER.' WHERE id='.$id);
$row = $oDB->Getrow();
$row['name'] = QTconv($row['name'],'5');

// check privacy: coordinates are dropped when IsPrivate() says so for this viewer
if ( $oVIP->IsPrivate($row['privacy'],$id) )
{
  $row['y'] = null;
  $row['x'] = null;
}

// staff cannot edit other staff nor admin (unless the QTF_STAFFEDIT* settings allow it)
if ( $oVIP->role=='M' )
{
  if ( ( $row['role']=='M' && !QTF_STAFFEDITSTAFF && $oVIP->id!=$id )
    || ( $row['role']=='A' && !QTF_STAFFEDITADMIN ) )
  {
    $bCanEdit = false;
    $_SESSION[QT]['editing'] = false;
  }
}

// Map marker for the profile, built only when the map module is on and both coordinates are set.
// Coordinates go through floatval() and the name through urlencode() before being printed.
if ( $bMap && !empty($row['x']) && !empty($row['y']) )
{
  $strPname = QTconv($row['name'],'U');

  // link to the same position in Google maps
  $strPlink = '<a class="small" href="http://maps.google.com?q='
    .floatval($row['y']).','.floatval($row['x'])
    .'+('.urlencode($strPname).')&z='.$_SESSION[QT]['m_map_gzoom']
    .'" title="'.$L['map']['In_google'].'" target="_blank">[G]</a>';

  // marker text: position in degrees/minutes/seconds and in decimal degrees
  $strPinfo = '<span class="bold">Lat: '.QTdd2dms(floatval($row['y']))
    .' <br/>Lon: '.QTdd2dms(floatval($row['x']))
    .'</span><br/><span class="small">DD: '.round(floatval($row['y']),8)
    .', '.round(floatval($row['x']),8).'</span> '.$strPlink;

  $oMapPoint = new cMapPoint(floatval($row['y']),floatval($row['x']),$strPname,$strPinfo);
  $oMapPoint->icon        = QTgetsymbol($row['role'],'icon');
  $oMapPoint->shadow      = QTgetsymbol($row['role'],'shadow');
  $oMapPoint->printicon   = QTgetsymbol($row['role'],'printicon');
  $oMapPoint->printshadow = QTgetsymbol($row['role'],'printshadow');
  $arrExtData[] = $oMapPoint;
}

// --------
// HTML START
// --------

include('qtf_p_header.php');

if ( $id<0 )
{
  die('Wrong id in qtf_user.php');
}

// -- PARTICIPATION INFO --
// Summary of the user's activity: a search link for the topics, then the message count
// with the date of the last message and a link to the most recent post.

$strParticip = '';

if ( $counttopics>0 )
{
  $strParticip .= '<a href="qtf_find.php?a=user&amp;k1='.$id.'&amp;k2='.urlencode($row['name']).'">'
    .LangS('Topic',$counttopics).'</a>, ';
}

if ( $countmessages>0 )
{
  $strParticip .= '<span class="small">'.LangS('Message',$countmessages).', '
    .strtolower($L['Last_message']).' '.QTdatestr($row['lastdate'],'$','$',true);

  // most recent post first; only the first row is read
  $oDB->Query( 'SELECT p.id,p.topic,p.forum FROM '.TABPOST.' p WHERE p.userid='.$id.' ORDER BY p.issuedate DESC' );
  $row2 = $oDB->Getrow();

  $strParticip .= ' <a class="small" href="qtf_topic.php?t='.$row2['topic'].'&amp;tt=messages#p'.$row2['id']
    .'" title="'.$L['H_Goto_message'].'">'.$L['Goto_message'].'</a></span>';
}

// -- STAFF MENU --

// Action menu printed for administrators only ($oVIP->role=='A').
// The chosen action ("a") and the displayed user's id (hidden field "p") are submitted
// with GET to qtf_change.php. Role change, ban and deletion are offered only when $id>1.
// The submit button is hidden by script, so the select's onchange submits the form.
// NOTE(review): the actions travel as GET parameters and this form carries no anti-CSRF
// token - confirm that qtf_change.php re-checks the administrator role and asks for a
// confirmation before it resets a password, bans or deletes a user.
if ( $oVIP->role=='A' )
{
echo '
<form method="get" action="qtf_change.php" id="modaction">
<div class="modboard">
<span class="modboard">',$L['Userrole']['A'],' 
<select name="a" class="small" onchange="',"if (this.value!='') { document.getElementById('modaction').submit(); }",'">
<option value="">',S,'</option>
<option value="pwdreset">',$L['Reset_pwd'],'...</option>',
($id>1 ? '<option value="userrole">'.$L['Change_role'].'...</option>
<option value="user_ban">'.$L['Ban_user'].'...</option>
<option value="user_del">'.$L['User_del'].'...</option>
' :''),'
<input type="submit" name="Mok" value="',$L['Ok'],'" class="small" id="action_ok"/>
<input type="hidden" name="p" value="',$id,'"/>
<script type="text/javascript">document.getElementById("action_ok").style.display="none";</script>
</span>
</div>
</form>
';
}

// -- DISPLAY PROFILE --

// Read-only view of the profile.
// Mail, location and coordinates stay empty when $oVIP->IsPrivate() reports the profile
// as private for the current viewer. $strPriv is a privacy icon shown to staff and to the
// profile owner when the privacy level is not 2.
// NOTE(review): $row['location'], $row['www'], $row['name'] and $row['picture'] are printed
// below without htmlspecialchars(). This is safe only if the values were already encoded when
// stored (QTconv is applied on save) - confirm that QTconv modes '2' and '3' encode quotes and
// angle brackets, in particular for $row['www'], which lands inside href="...".
$strMail = '';  if ( !empty($row['mail']) && !$oVIP->IsPrivate($row['privacy'],$id) ) $strMail = AsEmails($row['mail'],$id,0,'txt'.(QTF_JAVA_MAIL ? 'java' : ''),false,$_SESSION[QT]['skin_dir'],$L['E_javamail']);
$strLocation = ''; if ( !empty($row['location']) && !$oVIP->IsPrivate($row['privacy'],$id) ) $strLocation = $row['location'];
$strCoord = ''; if ( $bMap && !empty($row['x']) && !empty($row['y']) ) { if ( !$oVIP->IsPrivate($row['privacy'],$id) ) $strCoord = QTdd2dms(floatval($row['y'])).', '.QTdd2dms(floatval($row['x'])).' '.$L['Coord_latlon'].' <span class="small disabled">DD '.round(floatval($row['y']),8).','.round(floatval($row['x']),8).'</span>'; }
$strPriv = '';  if ( $row['privacy']!=2 && ($oVIP->IsStaff() || $oVIP->id==$id) ) $strPriv=' <img class="ico" src="admin/private'.$row['privacy'].'.gif" title="'.$L['Privacy_visible'][$row['privacy']].'"/>';

// Left column: picture box and, for roles 'A' and 'M', the ban notice from show_ban().
echo '<h2>',$oVIP->selfname,'</h2>
<table class="hidden" cellspacing="0" summary="profile layout">
<colgroup span="2"><col width="175"></col><col></col></colgroup>
<tr class="hidden">
<td class="hidden">',AsImgBox(AsImg( (empty($row['picture']) ? '' : QTF_DIR_PIC.$row['picture']),'',$row['name']),'picbox','',$row['name']),show_ban($oVIP->role,$row['closed']);
// Calendar link; the month is taken from characters 5-6 of the stored birthday.
if ( CanPerform('show_calendar',$oVIP->role) )
{
echo '<p><a href="',Href('qtf_calendar.php'),(empty($row['birthday']) ? '' : '?m='.substr($row['birthday'],4,2)).'">'.$L['Birthdays_calendar'].'</a></p>';
}
// Links to the picture, signature, password and secret-question pages. They are printed here
// only outside edit mode (the edit form prints its own copy) and only when editing is allowed.
if ( !$_SESSION[QT]['editing'] && $bCanEdit )
{
  if ( $_SESSION[QT]['avatar']!='0' )
  {
  echo '<p><a href="',Href('qtf_user_img.php'),'?id=',$id,'">',$L['Change_picture'],'</a></p>';
  }
  echo '<p><a href="',Href('qtf_user_sign.php'),'?id=',$id,'">',$L['Change_signature'],'</a></p>';
  echo '<p><a href="',Href('qtf_user_pwd_chg.php'),'?id=',$id,'">',$L['Change_password'],'</a></p>';
  echo '<p><a href="',Href('qtf_user_question.php'),'?id=',$id,'">',$L['Secret_question'],'</a></p>';
}
echo '</td>
<td class="hidden">
';
// Right column: the profile data table.
echo '
<table class="data_o" cellspacing="0" summary="profile">
<colgroup span="2"><col width="150"></col><col></col></colgroup>
<tr class="data_o"><td class="colhd colhdfirst">',$L['Username'],'</td><td class="colct"><b>',$row['name'],'</b> ';
// Rename link: administrators, or the owner when QTF_CHANGE_USERNAME is set; never for ids 0 and 1.
if ( $oVIP->role=='A' || ($oVIP->id==$id && QTF_CHANGE_USERNAME) ) {
if ( $id>1 ) {
  echo ' &middot; <a class="small" href="qtf_user_rename.php?id=',$id,'">',$L['Change_name'],'</a>';
}}
// The website row prints $row['www'] both as the link target and as the link text.
echo '</td></tr>
<tr class="data_o"><td class="colhd colhdfirst">',$L['Role'],'</td><td class="colct">',$L['Userrole'][$row['role']],'</td></tr>
<tr class="data_o"><td class="colhd colhdfirst">',$L['Location'],$strPriv,'</td><td class="colct">',$strLocation,'&nbsp;</td></tr>
<tr class="data_o"><td class="colhd colhdfirst">',$L['Email'],$strPriv,'</td><td class="colct">',$strMail,'&nbsp;</td></tr>
<tr class="data_o"><td class="colhd colhdfirst">',$L['Website'],'</td><td class="colct">',( empty($row['www']) ? S : '<a href="'.$row['www'].'" target="_blank">'.$row['www'].'</a>' ),'</td></tr>
<tr class="data_o"><td class="colhd colhdfirst">',$L['Birthday'],'</td><td class="colct">'.(empty($row['birthday']) ? S : QTdatestr($row['birthday'],'$','')).'</td></tr>
<tr class="data_o"><td class="colhd colhdfirst">',$L['Joined'],'</td><td class="colct">',QTdatestr($row['firstdate'],'$','$',true),'</td></tr>
<tr class="data_o"><td class="colhd colhdfirst">',$L['Messages'],'</td><td class="colct">',$strParticip,'</td></tr>
';

// Map canvas and coordinates, outside edit mode only. $row['x'] and $row['y'] were set to
// null earlier when the profile is private for this viewer, so the rows are skipped then.
if ( !$_SESSION[QT]['editing'] ) {
if ( $bMap ) {
if ( !empty($row['x']) && !empty($row['y']) ) {

  $strPosition = '<div id="map_canvas" style="width:100%; height:350px;"></div>';
  echo '<tr class="data_o"><td class="colhd colhdfirst">',$L['map']['position'],$strPriv,'</td><td class="colct">',$strPosition,'</td></tr>';
  echo '<tr class="data_o"><td class="colhd colhdfirst">',$L['Coord'],'</td><td class="colct">'.$strCoord.(isset($strPlink) ? S.$strPlink : S).'</td></tr>
  ';

}}}

// Privacy setting, shown to the profile owner and to staff only.
if ( !$_SESSION[QT]['editing'] ) {
if ( $oVIP->id==$id || $oVIP->IsStaff() ) {
  echo '<tr class="data_o"><td class="colhd colhdfirst">',$L['Privacy'],$strPriv,'</td><td class="colct">',$L['Email'],'/',$L['Location'],($bMap ? '/'.$L['map']['position'] : ''),' ',$L['Privacy_visible'][$row['privacy']],'</td></tr>';
}}

echo '</table>
';
echo '
</td>
</tr>
</table>
';

// -- EDIT PROFILE --
// Edit form, printed only while the session is in edit mode. The flag is forced to false
// earlier in the script whenever the viewer may not edit this profile.
// NOTE(review): hiding this form is a display decision only; the handler that receives the
// POST has to check the edit right itself.
// NOTE(review): the form carries no anti-CSRF token - confirm whether one is added elsewhere.
if ( $_SESSION[QT]['editing'] ) {
// -- EDIT PROFILE --

echo '
<h2>',$L['User_upd'],'</h2>
<table class="hidden" cellspacing="0" summary="profile layout">
<colgroup span="2"><col width="175"></col><col></col></colgroup>
<tr class="hidden">
<td class="hidden">
';
// Left column: links to the picture, signature, password and secret-question pages.
if ( $_SESSION[QT]['avatar']!='0' )
{
echo '<p><a href="',Href('qtf_user_img.php'),'?id=',$id,'">',$L['Change_picture'],'</a></p>';
}
echo '<p><a href="',Href('qtf_user_sign.php'),'?id=',$id,'">',$L['Change_signature'],'</a></p>';
echo '<p><a href="',Href('qtf_user_pwd_chg.php'),'?id=',$id,'">',$L['Change_password'],'</a></p>';
echo '<p><a href="',Href('qtf_user_question.php'),'?id=',$id,'">',$L['Secret_question'],'</a></p>';
echo '</td>',N;
echo '<td class="hidden">',N;
// Right column: the form itself, posted back to this page.
// NOTE(review): $row['location'], $row['mail'] and $row['www'] are written into value="..."
// without htmlspecialchars(); a stored double quote would end the attribute. Confirm that the
// values are encoded when saved, or escape them here.
echo '
<form method="post" action="',Href('qtf_user.php'),'?id=',$id,'">
<table class="data_o" cellspacing="0" summary="profile edition">
<colgroup span="2"><col width="150"></col><col></col></colgroup>
<tr class="data_o"><td class="colhd colhdfirst">',$L['Location'],'</td><td class="colct"><input type="text" name="location" size="35" maxlength="24" value="',$row['location'],'"/></td></tr>
<tr class="data_o"><td class="colhd colhdfirst">',$L['Email'],'</td><td class="colct"><input type="text" name="mail" size="35" maxlength="64" value="',$row['mail'],'"/></td></tr>
<tr class="data_o"><td class="colhd colhdfirst">',$L['Website'],'</td><td class="colct"><input type="text" name="www" size="35" maxlength="64" value="',( !empty($row['www']) ? $row['www'] : 'http://' ),'" title="',$L['H_Website'],'"/></td></tr>
<tr class="data_o"><td class="colhd colhdfirst">',$L['Birthday'],'</td>
';
// The stored birthday is split by position: 4 characters for the year, 2 for the month,
// 2 for the day. intval() makes the three parts plain integers before they are printed.
$strBrith_y = '';
$strBrith_m = '';
$strBrith_d = '';
if ( !empty($row['birthday']) )
{
  $strBrith_y = intval(substr(strval($row['birthday']),0,4));
  $strBrith_m = intval(substr(strval($row['birthday']),4,2));
  $strBrith_d = intval(substr(strval($row['birthday']),6,2));
}
echo '<td class="colct"><select name="birth_d" size="1">',N;
echo QTasTag(array(0=>'',1=>1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31),$strBrith_d);
echo '</select>',N;
echo '<select name="birth_m" size="1">',N;
echo '<option value="0"></option>',QTasTag($L['dateMMM'],$strBrith_m);
echo '</select>',N;
echo '<input type="text" id="birth_y" name="birth_y" size="4" maxlength="4" value="',$strBrith_y,'"/></td>';
echo '</tr>',N;
// Child status and parent e-mail: offered to administrators only, for ids above 1, and only
// when the register_coppa setting is '1'.
// NOTE(review): $row['parentmail'] is written into value="..." without escaping.
if ( $oVIP->role=='A' && $id>1 )
{
  if ( $_SESSION[QT]['register_coppa']=='1' )
  {
  echo '<tr class="data_o">';
  echo '<td class="colhd colhdfirst">',$L['Child'],'</td>';
  echo '<td class="colct">';
  echo '<select size="1" name="child">';
  echo '<option value="0"',($row['children']=='0' ? QSEL : ''),'>',$L['N'],'</option>';
  echo '<option value="1"',($row['children']=='1' ? QSEL : ''),'>',$L['Y'],' ',$L['With_parent_agree'],'</option>';
  echo '<option value="2"',($row['children']=='2' ? QSEL : ''),'>',$L['Y'],' ',$L['Without_parent_agree'],'</option>';
  echo '</select>';
  echo '</td>';
  echo '</tr>';
  echo '<tr class="data_o">';
  echo '<td class="colhd colhdfirst">',$L['Parent_mail'],'</td>';
  echo '<td class="colct"><input type="text" name="parentmail" size="32" maxlength="64" value="',$row['parentmail'],'"/></td>';
  echo '</tr>';
  }
}

// Map editor (map module only): marker controls, the map canvas, an address search box and
// the coordinate field posted as "coord".
// NOTE(review): $_SESSION[QT]['m_map_gfind'] and $row['y'].','.$row['x'] are written into
// value="..." without escaping - confirm where these values come from.
if ( $bMap )
{
  $strPosition = '<p class="small" style="margin:2px 0 4px 2px;text-align:right">'.$L['map']['cancreate'];
  $strPosition .= ' | <a class="small" href="javascript:void(0)" onclick="createMarker(); return false;" title="'.$L['map']['H_pntadd'].'"/>'.$L['map']['pntadd'].'</a>';
  if ( !empty($row['x']) || !empty($row['y']) )
  {
    $strPosition = '<p class="small" style="margin:2px 0 4px 2px;text-align:right">'.$L['map']['canmove'];
    $strPosition .= ' | <a class="small" href="javascript:void(0)" onclick="deleteMarker(); return false;"/>'.$L['map']['pntdelete'].'</a>';
  }
  $strPosition .= ' | <a class="small" href="javascript:void(0)" onclick="undoChanges(); return false;"/>'.$L['map']['undo'].'</a></p>';
  $strPosition .= '
  <div id="map_canvas" style="width:100%; height:350px;"></div>
  <input type="hidden" id="m_map_gcenter" name="m_map_gcenter" value="'.(!empty($row['y']) ? $row['y'].','.$row['x'] : '').'"/>
  ';
  $strPosition .= '<p class="small" style="margin:4px 0 2px 2px;text-align:right">'.$L['map']['addrlatlng'].' <input type="text" size="24" id="find" name="find" class="small" value="'.$_SESSION[QT]['m_map_gfind'].'" onkeyup="qtKeypress(event,\'findit\')" title="'.$L['map']['H_addrlatlng'].'"/> <input type="submit" id="findit" class="small" onclick="showLocation(document.getElementById(\'find\').value); return false;" value="'.$L['Search'].'"/></p>';
  echo '<tr class="data_o"><td class="colhd colhdfirst">',$L['map']['position'],'</td><td class="colct">',$strPosition,'</td></tr>';

  echo '<tr class="data_o">
  <td class="colhd colhdfirst">',$L['Coord'],'</td>
  <td class="colct"><input type="text" id="m_map_coord" name="coord" size="32" value="'.(!empty($row['y']) ? $row['y'].','.$row['x'] : '').'"/> <span class="small">',$L['Coord_latlon'],'</span></td>
  </tr>
  ';
}

// Privacy selector, the hidden id and name fields, the submit button and the error message.
// NOTE(review): the hidden "name" field is client-controlled once posted back; the receiving
// code should read the user name from the database instead of trusting it.
// NOTE(review): $error is printed as raw HTML; any request value placed in it must be
// escaped where the message is built.
echo '<tr class="data_o">
<td class="colhd colhdfirst">',$L['Privacy'],'</td>
<td class="colct">',$L['Email'],'/',$L['Location'],($bMap ? '/'.$L['map']['position'] : ''),' <select size="1" name="privacy">
<option value="2"',($row['privacy']=='2' ? QSEL : ''),'>',$L['Privacy_visible'][2],'</option>
<option value="1"',($row['privacy']=='1' ? QSEL : ''),'>',$L['Privacy_visible'][1],'</option>
<option value="0"',($row['privacy']=='0' ? QSEL : ''),'>',$L['Privacy_visible'][0],'</option>
</select></td>
</tr>
<tr class="data_o">
<td class="colhd colhdfirst"><input type="hidden" name="id" value="',$id,'"/><input type="hidden" name="name" value="',$row['name'],'"/></td>
<td class="colct"><input type="submit" name="ok" value="',$L['Save'],'"/>',( !empty($error) ? ' <span class="error">'.$error.'</span>' : '' ),'</td>
</tr>
</table>
</form>
';
echo '</td>
</tr>
</table>
';

// -- END EDIT PROFILE --
}
// -- END EDIT PROFILE --

// Edit

// Link that switches edit mode on or off, printed only when the viewer may edit the profile.
// The link only changes the display mode (edit=0 / edit=1 in the query string).
if ( $bCanEdit )
{
  echo '<div class="pan_bot">';
  if ( $_SESSION[QT]['editing'] )
  {
    echo '<a href="'.Href($oVIP->selfurl).'?id='.$id.'&amp;edit=0">'.$L['Edit_stop'].'</a>';
  }
  else
  {
    echo '<a href="'.Href($oVIP->selfurl).'?id='.$id.'&amp;edit=1">'.$L['Edit_start'].'</a>';
  }
  echo '</div>';
}

// --------
// HTML END
// --------

// MAP MODULE
// $bEdit passes the current edit mode on to the map loader.
if ( $bMap )
{
  $bEdit = $_SESSION[QT]['editing'];
  include('qtfm_map_load.php');
}

include('qtf_p_footer.php');

?>