<?php

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

require("include.php");
require("functions/functions.edit_profile.php");

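// $flag records whether the visitor is authenticated: 0 = anonymous, 1 = logged in.
// It is read further down when deciding whether to show the post-history link.
$flag = 0;

if (!$logged_in) {
    // Anonymous visitors are sent to the login page with the profile id attached,
    // so login.php can bring them back here. The id is client-controlled and has
    // not been validated at this point, so it is percent-encoded before it is
    // placed in the Location header.
    $back_id = (isset($_GET['id']) && is_string($_GET['id'])) ? rawurlencode($_GET['id']) : '';
    header("Location: $GLOBALS[base_url]" . "login.php?back=p.php?id=" . $back_id);
    // header() only queues the redirect. Without exit the rest of this script
    // (the update handler, the queries and the profile output) would still run
    // and be sent to any client that ignores the Location header.
    exit;
} else {
    $flag = "1"; // The user is logged in.
}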

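// Handle a submitted profile edit; the edit form posts submit=update.
if (isset($_POST['submit']) && $_POST['submit'] == "update") {
    // Re-check the current user's credentials before any change is applied.
    // The username and digest are bound as parameters instead of being spliced
    // into the SQL text, so a quote character in the username cannot change
    // the statement.
    // NOTE(review): passwords are compared as unsalted MD5 digests. Moving to
    // password_hash()/password_verify() needs a migration of the users table
    // and cannot be done from this file alone.
    // NOTE(review): nothing visible here ties the POST to a form this site
    // rendered (no anti-CSRF token) — confirm whether include.php or
    // process_edit_profile() checks one.
    $auth_query  = 'select id from users where lower(username)=lower($1) and password=$2';
    $auth_params = array($user_array['username'], md5($user_array['password']));
    if (!$result = pg_query_params($auth_query, $auth_params)) {
        bco_error("Failed query at line " . __LINE__);
    }
    // Exactly one matching row means the credentials are valid. A failed query
    // is treated as a failed authorization rather than passed to pg_num_rows().
    if ($result && pg_num_rows($result) == 1) {
        process_edit_profile($_POST);
    } else {
        bco_error("Failed authorization.");
    }
    unset($result);
}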

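// Validate the requested profile id before anything else uses it.
// The id is later placed into SQL statements and HTML links, so only a plain
// run of decimal digits is accepted. is_numeric() would also let through
// forms such as "1e5", "-3" or "1.5", which are not row ids.
$requested_id = (isset($_GET['id']) && is_string($_GET['id'])) ? trim($_GET['id']) : '';

if ($requested_id == "") {
    bco_error("What? No id? Go back and try again.");
    // Stop here even if bco_error() returns: the code below must never run
    // with a missing id.
    exit;
} elseif (!preg_match('/^[0-9]+$/D', $requested_id)) {
    bco_error("User id is not a number, dweeb.");
    // Same reasoning: an unvalidated id must not reach the queries below.
    exit;
} else {
    // Store the trimmed, digits-only value back so every later read of
    // $_GET['id'] in this script sees the validated form.
    $_GET['id'] = $requested_id;
    $username = bco_get_username($requested_id);
}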

// Board-wide default colour scheme, read from the bco_config table.
// It is compared with the profile owner's own scheme further down.
$query = "SELECT config_value  FROM bco_config  WHERE config_name = 'default_colors'";
$color_result = pg_query($query);
if (!$color_result) {
    // The error message includes the SQL text of the failed statement.
    bco_error("Query failed at line: " . __LINE__ . "<br />$query");
}

// Read field 0 of the result.
$colors = pg_fetch_result($color_result, 0);
// Comment everything between the comments out if you don't want this feature enabled.

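// Load the profile row. When the logged-in user is editing their own profile
// the private columns (signup email, zipcode) are fetched too, so the edit
// form can be pre-filled. Every other view gets the public columns only.
$editing_own_profile = isset($_GET['id'], $_GET['action'])
    && ($_GET['id'] == $user_array['myuserid'])
    && ($_GET['action'] == "edit");

// The row id is bound as $1 rather than concatenated into the statement, so
// a request parameter can never become part of the SQL text.
if ($editing_own_profile) {
    $query  = 'select email_signup, email_public, zipcode, aim_name, colors,';
    $query .= ' extract(epoch from signup_date) as signup_date, location, website, banned,';
    $query .= ' photo_url, info from users where id=$1';
    $profile_row_id = $user_array['myuserid'];
} else {
    $query  = 'SELECT extract(epoch from signup_date) as signup_date,';
    $query .= ' email_public, aim_name, location, website, info, photo_url, colors, banned';
    $query .= ' from users where id=$1';
    $profile_row_id = isset($_GET['id']) ? $_GET['id'] : '';
}

// A failed query leaves $row as false, the same value pg_fetch_assoc() gives
// when no row matches.
$profile_result = pg_query_params($query, array($profile_row_id));
$row = $profile_result ? pg_fetch_assoc($profile_result) : false;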

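// Activity statistics for the profile being viewed.
// The profile id comes from the query string, so it is bound as a parameter
// rather than concatenated into the SQL text.
$profile_id_param = array(isset($_GET['id']) ? $_GET['id'] : '');

// Messages written by this user. A failed query counts as zero.
$total_posts_query  = 'select count(id) from messages where createdby=$1';
$total_posts_result = pg_query_params($total_posts_query, $profile_id_param);
$total_posts        = $total_posts_result ? pg_fetch_result($total_posts_result, 0) : 0;

// Threads started by this user. A failed query counts as zero.
$started_query  = 'select count(id) from subject_index where createdby=$1';
$started_result = pg_query_params($started_query, $profile_id_param);
$started        = $started_result ? pg_fetch_result($started_result, 0) : 0;

// Board-wide totals are taken from the highest id in each table.
// NOTE(review): the highest id stands in for a row count here, so deleted
// rows would inflate the totals — confirm that is intended.
$total_started_query    = "select id from subject_index order by id desc limit 1";
$total_started          = pg_fetch_result(pg_query($total_started_query), 0);

$all_posts_query    = "select id from messages order by id desc limit 1";
$all_posts          = pg_fetch_result(pg_query($all_posts_query), 0);

$replies = $total_posts - $started;
$total_replies = $all_posts - $total_started;

// Each percentage is only computed when its guard is positive; otherwise it
// stays at "0".
// NOTE(review): $replies_percent is computed against $all_posts, while the
// page prints it next to $total_replies — confirm which denominator is meant.
if ($replies > 0) {
    $replies_percent = round($replies/$all_posts*100, 3);
} else {
    $replies_percent = "0";
}

if ($started > 0) {
    $subject_percent = round($started/$total_started*100, 3);
} else {
    $subject_percent = "0";
}

if ($total_replies > 0) {
    $total_percent = round($total_posts/$all_posts*100, 3);
} else {
    $total_percent = "0";
}

// Normalise the banned column to 1 or 0.
$banned = ($row['banned'] == 1) ? 1 : 0;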

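// Start the profile panel with the private-message link.
// The username and id are HTML-escaped before they go into markup, because
// both originate outside this script. double_encode is off so text that was
// already entity-encoded is not escaped a second time.
// NOTE(review): assumes pages are served as UTF-8 — confirm against bco_html_header().
$scheme_username = htmlspecialchars(isset($username) ? (string) $username : '', ENT_QUOTES, 'UTF-8', false);
$scheme_id       = htmlspecialchars(isset($_GET['id']) ? (string) $_GET['id'] : '', ENT_QUOTES, 'UTF-8', false);

$profile = "<a href=\"send_pmsg.php?id=$scheme_id\" class=\"tr1\">Send a private message to $scheme_username</a><br />";

// Colour scheme line. Remove this if/elseif/else chain to disable the feature.
if (($colors == $row['colors']) || ($row['colors'] == "")) {
    $profile .= "\n$scheme_username is using the default scheme.<br />";
} elseif ($_GET['id'] == $user_array['myuserid']) {
    $profile .= "\n<a href=\"./c.php\" class=\"tr1\">Edit my colors.</a><br />";
} else {
    // The stored scheme is a comma-separated list of seven values.
    // explode() replaces split(), which no longer exists in PHP 7 and later.
    // array_pad() keeps list() from reading missing offsets on a short value.
    list($bgcolor, $tr1color, $tr2color, $formcolor, $mypostcolor, $fontface, $fontsize)
        = array_pad(explode(",", $row['colors']), 7, '');

    // http_build_query() percent-encodes each user-chosen value, so characters
    // such as '#', '&' or '"' cannot truncate the URL or break out of the
    // href attribute. '&amp;' is the separator required inside HTML.
    $scheme_query = http_build_query(
        array(
            'background'  => $bgcolor,
            'tr1color'    => $tr1color,
            'tr2color'    => $tr2color,
            'formcolor'   => $formcolor,
            'mypostcolor' => $mypostcolor,
            'fontface'    => $fontface,
            'fontsize'    => $fontsize,
            'submit'      => 'preview',
        ),
        '',
        '&amp;'
    );
    $profile .= "\n<a href=\"" . $GLOBALS['base_url'] . "change_colors.php?" . $scheme_query . "\" class=\"tr1\">"
        . "View scheme $scheme_username is using</a><br />";
}
// End of color scheme viewing.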

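// Public profile fields. Their text is supplied by users, so every value is
// HTML-escaped where it is written into the page. double_encode is off so
// text that was already entity-encoded when stored is not escaped twice.
// NOTE(review): assumes pages are served as UTF-8 — confirm against bco_html_header().

if ($row['email_public'] != "") {
    // Shown as "user @ domain" instead of a mailto link.
    // explode() replaces split(), which no longer exists in PHP 7 and later.
    list($user, $domain) = array_pad(explode("@", $row['email_public']), 2, '');
    $profile .= "<strong>email:</strong> "
        . htmlspecialchars($user, ENT_QUOTES, 'UTF-8', false)
        . " @ "
        . htmlspecialchars($domain, ENT_QUOTES, 'UTF-8', false)
        . "<br />";
}

if ($row['aim_name'] != "") {
    $profile .= "<strong>aim:</strong> " . htmlspecialchars($row['aim_name'], ENT_QUOTES, 'UTF-8', false) . "<br />";
}

if ($row['location'] != "") {
    $profile .= "<strong>location:</strong> " . htmlspecialchars($row['location'], ENT_QUOTES, 'UTF-8', false) . "<br />";
}

if ($row['website'] != "") {
    $website_html = htmlspecialchars($row['website'], ENT_QUOTES, 'UTF-8', false);
    if (preg_match('#^https?://#i', $row['website'])) {
        $profile .= "<strong>website:</strong> <a href=\"" . $website_html . "\" class=\"tr1\">$website_html</a><br />";
    } else {
        // Anything that is not a plain http(s) address is shown as text only,
        // so a script-bearing URL scheme never becomes a clickable link.
        $profile .= "<strong>website:</strong> $website_html<br />";
    }
}

if ($row['info'] != "") {
    // Escape first, then turn newlines into <br />, so the only markup in the
    // output is what nl2br() adds.
    $profile .= "<strong>info:</strong> " . nl2br(htmlspecialchars(stripslashes($row['info']), ENT_QUOTES, 'UTF-8', false));
}

$photo_username = htmlspecialchars(isset($username) ? (string) $username : '', ENT_QUOTES, 'UTF-8', false);
if ($row['photo_url'] != "") {
    // NOTE(review): the image is loaded from a user-chosen remote address, so
    // that host sees the request of everyone who views this profile.
    $photo = "<img src=\"" . htmlspecialchars($row['photo_url'], ENT_QUOTES, 'UTF-8', false)
        . "\" alt=\"Profile picture for $photo_username\" />";
} else {
    $photo = "No photo for $photo_username!";
}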

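// NOTE(review): $username is passed on unescaped; whether bco_html_header()
// and bco_index_menu() HTML-escape their argument is not visible here — confirm.
bco_html_header("Profile for: $username - " . BOARD_TITLE);

bco_index_menu("Profile: $username");

// Show the post-history link when the user has replies and the viewer is
// logged in. The id is escaped because it is written into an href attribute.
$history_id = htmlspecialchars(isset($_GET['id']) ? (string) $_GET['id'] : '', ENT_QUOTES, 'UTF-8', false);
if (($replies > 0) && ($flag == 1)) {
    $post_history_link = "<br />\n\t\t(<a href=\"view_post_history.php?id=$history_id&amp;start=0&amp;order=desc\" class=\"tr1\">View post history</a>)";
} else {
    $post_history_link = "";
}

// extract(epoch ...) can return a value with a fractional part; date() takes
// whole seconds, so the value is cast to an integer first.
$signup_date = date("F dS, Y \a\\t h:i a", (int) $row['signup_date']);

// $profile and $photo are HTML fragments assembled earlier in this script.
echo "\n<br />";
echo "<table width=\"100%\" cellpadding=\"2\" cellspacing=\"0\" class=\"replytable\">";
echo "    <tr>";
echo "        <td align=\"left\" valign=\"top\" class=\"tr1\" width=\"325\">";
echo "        $profile<br />";
echo "        <br />";
echo "        <strong>Signup date:</strong> $signup_date<br />";
echo "        <strong>Total posts:</strong> $total_posts, $total_percent% of $all_posts.<br />";
echo "        <strong>Started:</strong> $started, $subject_percent% of $total_started.<br />";
echo "        <strong>Replies:</strong> $replies, $replies_percent% of $total_replies.";
echo "\t\t$post_history_link";
echo "        </td>";
echo "        <td align=\"left\" valign=\"top\" class=\"tr1\" rowspan=\"2\">";
echo "        $photo";
echo "        </td>";
echo "    </tr>";
echo "</table>";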

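// On the viewer's own profile, offer a link that toggles the edit form.
if (isset($_GET['id']) && ($_GET['id'] == $user_array['myuserid'])) {
    // The id is written into an href attribute, so it is escaped first.
    $toggle_id = htmlspecialchars((string) $_GET['id'], ENT_QUOTES, 'UTF-8', false);
    if (isset($_GET['action']) && $_GET['action'] == "edit") {
        echo "\n<div align=\"center\"><h3><a href=\"view_profile.php?id=$toggle_id\">Hide edit fields.</a></h3></div>";
    } else {
        echo "\n<div align=\"center\"><h3><a href=\"view_profile.php?id=$toggle_id&amp;action=edit\">Edit profile.</a></h3></div>";
    }
}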

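// Edit form, shown only on the viewer's own profile with action=edit.
if (isset($_GET['id'], $_GET['action'])
    && ($_GET['id'] == $user_array['myuserid'])
    && ($_GET['action'] == "edit")) {

    // Every stored value is written into an HTML attribute or a textarea, so
    // it is escaped first. Without this a double quote in, say, the location
    // field would end the value attribute early and let the rest of the text
    // be parsed as markup. double_encode is off so text that was already
    // entity-encoded when stored is not escaped twice.
    // NOTE(review): assumes pages are served as UTF-8 — confirm against bco_html_header().
    $edit_form_fields = array(
        'email_signup', 'email_public', 'zipcode', 'aim_name',
        'location', 'website', 'photo_url', 'info',
    );
    $edit_form_value = array();
    foreach ($edit_form_fields as $edit_form_field) {
        $edit_form_raw = (is_array($row) && isset($row[$edit_form_field])) ? $row[$edit_form_field] : '';
        $edit_form_value[$edit_form_field] = htmlspecialchars((string) $edit_form_raw, ENT_QUOTES, 'UTF-8', false);
    }

    // $PHP_SELF is only defined when the environment or include.php provides
    // it. When it is missing the action stays empty and the form posts back to
    // the current URL. When it is present it may contain client-controlled
    // path text, so it is escaped.
    $edit_form_action = isset($PHP_SELF) ? htmlspecialchars((string) $PHP_SELF, ENT_QUOTES, 'UTF-8', false) : '';

    // NOTE(review): the *_old hidden fields come back from the client and can
    // be altered before submission — confirm process_edit_profile() does not
    // treat them as trusted. No anti-CSRF token is included in this form.
echo <<< END
\n<form method="post" action="$edit_form_action">
<table width="100%" cellpadding="2" cellspacing="0" class="replytable">
    <tr>
        <td valign="top" width="250"><strong>Private email:</strong><br /><span class="smallfont">This email is where passwords will be sent if they are lost. This will never be displayed.</span></td>
        <td valign="top" align="left"><input type="text" name="email_signup" value="$edit_form_value[email_signup]" class="textfield" /></td>
    </tr>
    <tr>
        <td valign="top" width="250"><strong>Public email:</strong><br /><span class="smallfont">This email will be made public.</span></td>
        <td valign="top" align="left"><input type="text" name="email_public" value="$edit_form_value[email_public]" class="textfield" /></td>
    </tr>
    <tr>
        <td valign="top" width="250"><strong>Zip Code:</strong><br /><span class="smallfont">Will be used later in later version of BCO. Not public.</span></td>
        <td valign="top" align="left"><input type="text" name="zipcode" value="$edit_form_value[zipcode]" class="textfield" /></td>
    </tr>
    <tr>
        <td valign="top" width="250"><strong>AOL IM:</strong></td>
        <td valign="top" align="left"><input type="text" name="aim_name" value="$edit_form_value[aim_name]" class="textfield" /></td>
    </tr>
    <tr>
        <td valign="top" width="250"><strong>Location:</strong><br /><span class="smallfont">Not used in conjunction with zipcode.</span></td>
        <td valign="top" align="left"><input type="text" name="location" value="$edit_form_value[location]" class="textfield" /></td>
    </tr>
    <tr>
        <td valign="top" width="250"><strong>Website:</strong></td>
        <td valign="top" align="left"><input type="text" name="website" value="$edit_form_value[website]" class="textfield" size="50" /></td>
    </tr>
    <tr>
        <td valign="top" width="250"><strong>Photo:</strong><br /><span class="smallfont">URL may not be longer than 255 characters. MUST include http://</span></td>
        <td valign="top" align="left"><input type="text" name="photo_url" value="$edit_form_value[photo_url]" class="textfield" size="50" /></td>
    </tr>
    <tr>
        <td width="250" valign="top"><strong>Info</strong><br />No html. Max 500 characters</td>
        <td align="left" valign="top"><textarea name="info" rows="10" cols="55" class="textfield">$edit_form_value[info]</textarea></td>
    </tr>
    <tr>
        <td width="250" valign="top">&nbsp;</td>
        <td align="left" valign="top"><input type="submit" name="submit" value="update" class="button" /></td>
    </tr>
</table>
<input type="hidden" name="email_signup_old" value="$edit_form_value[email_signup]" />
<input type="hidden" name="email_public_old" value="$edit_form_value[email_public]" />
<input type="hidden" name="zipcode_old" value="$edit_form_value[zipcode]" />
<input type="hidden" name="aim_name_old" value="$edit_form_value[aim_name]" />
<input type="hidden" name="location_old" value="$edit_form_value[location]" />
<input type="hidden" name="website_old" value="$edit_form_value[website]" />
<input type="hidden" name="photo_url_old" value="$edit_form_value[photo_url]" />
<input type="hidden" name="info_old" value="$edit_form_value[info]" />
</form>
END;
}

bco_html_footer();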

?>