Location: PHPKode > projects > QuickTalk Forum > quicktalk/qtf_user_question.php
<?php

/**
* PHP versions 4 and 5
*
* LICENSE: This source file is subject to version 3.0 of the PHP license
* that is available through the world-wide-web at the following URI:
* http://www.php.net/license.  If you did not receive a copy of
* the PHP License and are unable to obtain it through the web, please
* send a note to hide@address.com so we can mail you a copy immediately.
*
* @package    QuickTalk
* @author     Philippe Vandenberghe <hide@address.com>
* @copyright  2008-2012 The PHP Group
* @version    2.5 build:20100924
*/

session_start();
require_once('bin/qtf_init.php');
if ( !$oVIP->CanView('U') ) die($L['E_member']);

// INITIALISE

include('bin/qt_lib_smtp.php');
include(Translate('qtf_reg.php'));

$id = -1;
if ( isset($_GET['id']) ) $id = intval(strip_tags($_GET['id']));
if ( isset($_POST['id']) ) $id = intval(strip_tags($_POST['id']));
if ( $id<=0 ) die('Missing parameter');

$oVIP->selfurl = 'qtf_user_question.php';
$oVIP->selfname = $L['Secret_question'];
$oVIP->exiturl = 'qtf_user.php?id='.$id;
$oVIP->exitname = '&laquo; '.$L['Profile'];

// QUERY

$oDB->Query('SELECT name,mail,children,parentmail,picture,secret_q,secret_a FROM '.TABUSER.' WHERE id='.$id);
$row = $oDB->Getrow();

// --------
// SUBMITTED
// --------

if ( isset($_POST['ok']) )
{
  // CHECK VALUE and protection against injection

  $strQ = trim($_POST['secret_q']); if ( get_magic_quotes_gpc() ) $strQ = stripslashes($strQ);
  $strA = trim($_POST['secret_a']); if ( get_magic_quotes_gpc() ) $strA = stripslashes($strA);

  if ( empty($error) )
  {
    // save new password
    $oDB->Query('UPDATE '.TABUSER.' SET secret_q="'.QTconv($strQ,'3').'",secret_a="'.QTconv(strtolower($strA),'3').'" WHERE id='.$id);

    // exit
    $oVIP->exitname = $L['Profile'];
    $oVIP->EndMessage(NULL,$L['S_update'],$_SESSION[QT]['skin_dir'],2);
  }
}

// --------
// HTML START
// --------

include('qtf_p_header.php');

echo '
<table class="hidden" cellspacing="0" summary="change password">
<tr class="hidden">
<td class="hidden" style="width:175px"><br/>',AsImgBox( (empty($row['picture']) ? '' : AsImg(QTF_DIR_PIC.$row['picture']) ),'picbox','',$row['name']),'</td>
<td class="hidden">
';

HtmlMsg(0,'400px','login_header',$oVIP->selfname,'login');

echo '<form method="post" action="',Href(),'" onsubmit="return ValidateForm(this);">
<select id="secret_q" name="secret_q">',QTasTag($L['Secret_q'],$row['secret_q']),'</select>
<br/>
<br/>
<input type="text" id="secret_a" name="secret_a" size="32" maxlength="255" value="',$row['secret_a'],'"/></p>
<p style="text-align:right">';
if ( !empty($error) ) echo '<span class="error">',$error,' </span>';
echo '<input type="submit" id="ok" name="ok" value="',$L['Save'],'"/></p>
<input type="hidden" name="id" value="',$id,'"/>
<input type="hidden" name="name" value="',$row['name'],'"/>
<input type="hidden" name="mail" value="',$row['mail'],'"/>
<input type="hidden" name="child" value="',$row['children'],'"/>
<input type="hidden" name="parentmail" value="',$row['parentmail'],'"/>
<br/><p>',$L['H_Secret_question'],'</p>
</form>
';
HtmlMsg(1);

echo '
</td>
</tr>
</table>
<p><a href="',Href($oVIP->exiturl),'">',$oVIP->exitname,'</a></p>
';

// HTML END

$strFooterAddScript = '
<script type="text/javascript">
<!--
function ValidateForm(theForm)
{
  if (theForm.secret_a.value.length==0) { alert(qtHtmldecode("'.$L['E_mandatory'].': '.$L['Secret_question'].'")); return false; }
  return null;
}

-->
</script>
';

include('qtf_p_footer.php');

?>
Return current item: QuickTalk Forum