<?php require('layout/header.php'); ?>
<?php
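// Handle the "delete cookies" button of this page.
// The posted label and the translated label are both trimmed before the strict
// comparison, so a button value rendered with stray whitespace still matches;
// an array-valued "submit" parameter is ignored.
// NOTE(review): this is a state-changing POST and no anti-CSRF token is checked
// in this file — confirm whether layout/header.php or the framework enforces one.
if (isset($_POST['submit']) AND is_string($_POST['submit']) AND trim($_POST['submit']) === trim((string) $lang['delete_cookies'])) {
    // cookies_unset() is not defined in this file; presumably framework/controller.php provides it.
    include_once('framework/controller.php');
    cookies_unset();
}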
?>
<script type="text/javascript">
// Success toast for this page. PHP writes the translation string verbatim between
// the double quotes below, so that string must not contain a double quote, a
// backslash, a line break or a closing script tag.
function showSuccessMessage() {
    var notice = {
        type : "success",
        message: "<?php echo $lang['success_profile']; ?>"
    };
    showNotification(notice);
}
// Error toast for this page. PHP writes the translation string verbatim between
// the double quotes below, so that string must not contain a double quote, a
// backslash, a line break or a closing script tag.
function showErrorMessage() {
    var notice = {
        type : "error",
        message: "<?php echo $lang['couldnot_profile']; ?>"
    };
    showNotification(notice);
}
</script>
<div id="content_wrapper">
<div class="content"><?php
if(!isset($_SESSION['signed_in'])) {
// No signed-in session: show the members-only notice with links to the sign-in and sign-up pages.
// The $lang values are concatenated into the markup without escaping.
echo '<p class="false">' . $lang['just_for_users'] . '!</p>
<p>' . $lang['you_need_to'] . ' <a href="signin.php">' . $lang['signin_s'] . '</a>.
- ' . $lang['not_yet'] . ' <a href="signup.php">' . $lang['registered'] . '</a>?</p>';
}else{
// Signed-in view: open the outer layout table, print the user-area menu and the page heading.
// The table opened here is closed at the end of the signed-in branch.
echo '<table align="center" class="usertable">
<tr>
<td align="center"><ul class="usermenu">
<li><a href="myprofile.php">' . $lang['my_profile'] . '</a></li>
<li><a href="guestbook.php">' . $lang['guestbook'] . '</a></li>
<li><a href="messagebox.php">' . $lang['messagebox'] . '</a></li>
<li><a href="password.php">' . $lang['password'] . '</a></li>
<li><a href="inbox.php">' . $lang['inbox'] . '</a></li>
<li><a href="outbox.php">' . $lang['outbox'] . '</a></li>
<li><a href="create_pm.php">' . $lang['m_newpm'] . '</a></li>
<li><a href="mypostings.php">' . $lang['my_posts'] . '</a></li>
<li><a href="infos.php">' . $lang['informations'] . '</a></li>
<li><a href="todo.php">' . $lang['m_todo'] . '</a></li>
<li><a href="news.php">' . $lang['news'] . '</a></li>
</ul></td>
</tr>
<tr>
<td><h1>' . $lang['my_profile'] . '</h1></td>
</tr>';
// NOTE(review): no call into these two helper files is apparent in this page — confirm they are still needed here.
include_once('functions/bbcode.php');
include_once('functions/badwords.php');
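// Handle the "change profile" form: write the posted fields to the row of the
// signed-in user. The row is chosen by the session's user id, never by a posted value.
// NOTE(review): no anti-CSRF token is checked in this file — confirm whether one is enforced elsewhere.
// NOTE(review): the form's maxlength limits are client-side only; nothing here enforces them.
// NOTE(review): user_homepage and the other free-text values are stored as posted;
// every page that prints them must escape for its own output context.
if(isset($_POST['submit']) AND $_POST['submit']=='' . $lang['change_profile'] . '') {
    // Free-text columns. A missing key or an array-valued parameter becomes an empty string.
    $text_fields = array('user_bday', 'user_email', 'user_homepage', 'user_icq', 'user_live',
        'user_skype', 'user_facebook', 'user_twitter', 'user_about', 'user_signature');
    $posted = array();
    foreach($text_fields as $field) {
        $value = (isset($_POST[$field]) AND is_string($_POST[$field])) ? $_POST[$field] : '';
        $posted[$field] = mysql_real_escape_string($value);
    }
    // The two radio groups only offer these values; anything else is normalised instead of stored.
    $user_sex = (isset($_POST['user_sex']) AND in_array($_POST['user_sex'], array('male', 'female'), true)) ? $_POST['user_sex'] : '';
    $user_showmail = (isset($_POST['user_showmail']) AND $_POST['user_showmail'] === '1') ? '1' : '0';
    $profile = "UPDATE
users
SET
user_sex = '" . $user_sex . "',
user_bday = '" . $posted['user_bday'] . "',
user_email = '" . $posted['user_email'] . "',
user_showmail = '" . $user_showmail . "',
user_homepage = '" . $posted['user_homepage'] . "',
user_icq = '" . $posted['user_icq'] . "',
user_live = '" . $posted['user_live'] . "',
user_skype = '" . $posted['user_skype'] . "',
user_facebook = '" . $posted['user_facebook'] . "',
user_twitter = '" . $posted['user_twitter'] . "',
user_about = '" . $posted['user_about'] . "',
user_signature = '" . $posted['user_signature'] . "'
WHERE
user_id = " . (int)$_SESSION['user_id'];
    $updated = mysql_query($profile);
    if($updated === false) {
        // The driver's message goes to the server log; printing it would show schema details to the visitor.
        error_log('profile update failed: ' . mysql_error());
    }
    // mysql_affected_rows() is 0 when the posted values equal the stored ones, so an
    // unchanged resubmission is reported as a failure (behaviour kept as it was).
    if($updated !== false AND mysql_affected_rows() == 1) {
        echo '<tr><td><p class="right">' . $lang['success_profile'] . '</p></td></tr>';
        echo "<script type=\"text/javascript\">showSuccessMessage();</script>";
    }else{
        echo '<tr><td><p class="false">' . $lang['couldnot_profile'] . '</p></td></tr>';
        echo "<script type=\"text/javascript\">showErrorMessage();</script>";
    }
}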
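// Load the signed-in user's stored profile values to pre-fill the form that follows.
// The only variable part of the query is the session's user id, cast to int.
$abfrage = "SELECT
user_sex,
user_bday,
user_email,
user_showmail,
user_homepage,
user_icq,
user_live,
user_skype,
user_facebook,
user_twitter,
user_about,
user_signature
FROM
users
WHERE
user_id = " . (int)$_SESSION['user_id'];
echo '<tr><td>
<table width="100%">';
$result = mysql_query($abfrage);
if($result === false) {
    // Stop as before, but keep the driver's message in the server log instead of printing it into the page.
    error_log('profile lookup failed: ' . mysql_error());
    exit;
}
$row = mysql_fetch_assoc($result);
if(!is_array($row)) {
    // No row for this id: fall back to empty values so the form code does not index into false.
    $row = array_fill_keys(array('user_sex', 'user_bday', 'user_email', 'user_showmail',
        'user_homepage', 'user_icq', 'user_live', 'user_skype', 'user_facebook',
        'user_twitter', 'user_about', 'user_signature'), '');
}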
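// Render the profile form, pre-filled from $row.
// Every value that comes from the session or the database is escaped for HTML
// before it is printed; the user name and user id from the session were printed raw before.
// The "about" / "signature" rows are now each wrapped in their own <tr> (the signature
// cell used to sit outside any row).
echo '<tr>
<td colspan="2"><form id="profile" name="profile" method="post" action=""><p><strong>User Name: <span class="blue">' . htmlentities($_SESSION['user_name'], ENT_QUOTES) . '</span> (User ID = <span class="blue">' . (int)$_SESSION['user_id'] . '</span>)</strong></p></td>
</tr>
<tr>
<td width="350">';
// Pre-select the stored sex; neither radio is checked for any other stored value.
$male_checked = ($row['user_sex']=='male') ? ' checked' : '';
$female_checked = ($row['user_sex']=='female') ? ' checked' : '';
echo '<input type="radio" name="user_sex" value="male"' . $male_checked . '> ' . $lang['male'] . ' ';
echo '<input type="radio" name="user_sex" value="female"' . $female_checked . '> ' . $lang['female'] . '';
echo '<br><br></td>
<td><strong>' . $lang['sex'] . '</strong><br><br></td>
</tr>
<tr>
<td width="350"><input name="user_bday" type="text" value="';
// The birthday is re-formatted through strtotime()/date(), so only a date string reaches the attribute.
if($row['user_bday'] > 0) {
    echo date('Y-m-d', strtotime($row['user_bday']));
}
echo '" class="fields" size="40" maxlength="10"><br><br></td>
<td><strong>' . $lang['birthday'] . '</strong> <small>(yyyy-mm-dd)</small><br><br></td>
</tr>
<tr>
<td width="350"><input name="user_email" type="text" value="' . htmlentities($row['user_email'], ENT_QUOTES) . '" class="fields" size="40" maxlength="70"><br><br></td>
<td><strong>' . $lang['email_adress'] . '</strong><br><br></td>
</tr>
<tr>
<td width="350">';
// "Show e-mail" defaults to "no" unless the stored flag is 1.
$show_yes = ($row['user_showmail']=='1') ? ' checked' : '';
$show_no = ($row['user_showmail']=='1') ? '' : ' checked';
echo '<input type="radio" name="user_showmail" value="1"' . $show_yes . '> ' . $lang['yes'] . ' ';
echo '<input type="radio" name="user_showmail" value="0"' . $show_no . '> ' . $lang['no'] . '';
echo '<br><br></td>
<td><strong>' . $lang['show_email_adress'] . '</strong><br><br></td>
</tr>
<tr>
<td width="350"><input name="user_homepage" type="text" value="' . htmlentities($row['user_homepage'], ENT_QUOTES) . '" class="fields" size="40" maxlength="70"><br><br></td>
<td><strong>' . $lang['homepage'] . '</strong><br><br></td>
</tr>
<tr>
<td width="350"><input name="user_icq" type="text" value="' . htmlentities($row['user_icq'], ENT_QUOTES) . '" class="fields" size="40" maxlength="35"><br><br></td>
<td><strong>ICQ</strong><br><br></td>
</tr>
<tr>
<td width="350"><input name="user_live" type="text" value="' . htmlentities($row['user_live'], ENT_QUOTES) . '" class="fields" size="40" maxlength="50"><br><br></td>
<td><strong>Live Messenger</strong><br><br></td>
</tr>
<tr>
<td width="350"><input name="user_skype" type="text" value="' . htmlentities($row['user_skype'], ENT_QUOTES) . '" class="fields" size="40" maxlength="50"><br><br></td>
<td><strong>Skype</strong><br><br></td>
</tr>
<tr>
<td width="350"><input name="user_facebook" type="text" value="' . htmlentities($row['user_facebook'], ENT_QUOTES) . '" class="fields" size="40" maxlength="70"><br><br></td>
<td><strong>Facebook</strong><br><br></td>
</tr>
<tr>
<td width="350"><input name="user_twitter" type="text" value="' . htmlentities($row['user_twitter'], ENT_QUOTES) . '" class="fields" size="40" maxlength="70"><br><br></td>
<td><strong>Twitter</strong><br><br></td>
</tr>
<tr>
<td colspan="2"><strong>' . $lang['about_me'] . '</strong><br><textarea name="user_about" class="fields_text" maxlength="500">' . htmlentities($row['user_about'], ENT_QUOTES) . '</textarea><br><small>(max. 500 ' . $lang['signs'] . ')</small><br><br></td>
</tr>
<tr>
<td colspan="2"><strong>' . $lang['signature'] . '</strong><br><textarea name="user_signature" class="fields_text" maxlength="100">' . htmlentities($row['user_signature'], ENT_QUOTES) . '</textarea><br><small>(max. 100 ' . $lang['signs'] . ')</small><br><br></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="submit" class="button" value="' . $lang['change_profile'] . '"></form><br><br></td>
</tr>';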
// Close the profile-form table and its layout row, then open the row, table and cell
// that hold the avatar section and print its heading.
echo '</table>
</td></tr>';
echo '<tr><td>
<table width="100%">
<tr><td>';
echo '<h1>' . $lang['my_avatar'] . '</h1>';
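// Avatar upload and delete handlers; both act only on the row of the signed-in user.
// NOTE(review): neither action checks an anti-CSRF token in this file — confirm whether one is enforced elsewhere.
if(isset($_POST['submit']) AND $_POST['submit'] == "" . $lang['upload_avatar'] . "") {
    $errors = array();
    // A request without a single, well-formed "pic" part is handled like "no file selected".
    $pic = array('error' => UPLOAD_ERR_NO_FILE, 'tmp_name' => '', 'name' => '', 'size' => 0);
    if(isset($_FILES['pic']) AND is_array($_FILES['pic']) AND isset($_FILES['pic']['error']) AND !is_array($_FILES['pic']['error'])) {
        $pic = $_FILES['pic'];
    }
    switch ($pic['error']) {
        case UPLOAD_ERR_INI_SIZE:
        case UPLOAD_ERR_FORM_SIZE:
            $errors[] = '<p class="false">' . $lang['avatar_not_bigger'] . '.</p>';
            break;
        case UPLOAD_ERR_PARTIAL:
            $errors[] = '<p class="false">' . $lang['avatar_partially_uploaded'] . '.</p>';
            break;
        case UPLOAD_ERR_NO_FILE:
            $errors[] = '<p class="false">' . $lang['avatar_not_selected'] . '.</p>';
            break;
        default:
            break;
    }
    // The accepted type and the stored extension come from what getimagesize() detects
    // in the file content. The Content-Type sent with the upload is chosen by the client
    // and is no longer consulted.
    $typ_endungen = array(IMAGETYPE_GIF => 'gif', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png');
    $erlaubte_endungen = array('jpeg', 'jpg', 'gif', 'png');
    $endung = '';
    $size = false;
    if($pic['tmp_name'] != '' AND is_uploaded_file($pic['tmp_name'])) {
        // @ keeps getimagesize() quiet for files that are not images; the false return is handled below.
        $size = @getimagesize($pic['tmp_name']);
    }
    if($size === false OR !isset($typ_endungen[$size[2]])) {
        $errors[] = '<p class="false">' . $lang['avatar_invalid_typ'] . '.</p>';
    }else{
        // The client-supplied file name must still carry a whitelisted extension.
        $name_endung = strtolower(substr($pic['name'], strrpos($pic['name'], '.') + 1));
        if(!in_array($name_endung, $erlaubte_endungen, true)) {
            $errors[] = '<p class="false">' . $lang['avatar_allowed_typ'] . '.</p>';
        }
        $endung = $typ_endungen[$size[2]];
        if($size[0] > 100 OR $size[1] > 100) {
            $errors[] = '<p class="false">' . $lang['avatar_max_size'] . '.</p>';
        }
    }
    if($pic['size'] > 0.2*1024*1024) {
        $errors[] = '<p class="false">' . $lang['avatar_not_bigger'] . '.</p>';
    }
    if(count($errors)) {
        echo '<p class="false">' . $lang['avatar_not_saved'] . '.</p>';
        foreach($errors as $error) {
            echo $error;
        }
    }else{
        $uploaddir = 'images/avatars/';
        // The old name used the last 8 characters of microtime(), which are digits of the
        // whole-second part: two uploads in the same second got the same name and the later
        // one replaced the earlier file. The name keeps its length but is now drawn per upload
        // and re-drawn while a file of that name exists.
        do {
            $name = 'IMG_' . substr(md5(uniqid(mt_rand(), true)), 0, 8) . '.' . $endung;
        } while(file_exists($uploaddir . $name));
        $saved = false;
        // The file is stored as uploaded; it is not re-encoded.
        if(move_uploaded_file($pic['tmp_name'], $uploaddir . $name)) {
            $sql = "UPDATE
users
SET
user_avatar = '" . mysql_real_escape_string(trim($name)) . "'
WHERE
user_id = " . (int)$_SESSION['user_id'];
            $saved = (mysql_query($sql) !== false);
            if(!$saved) {
                // Log the driver's message instead of printing the statement and the error into the page,
                // and remove the file that no row points to.
                error_log('avatar update failed: ' . mysql_error());
                if(is_file($uploaddir . $name)) {
                    unlink($uploaddir . $name);
                }
            }
        }
        if($saved) {
            echo '<p class="right">' . $lang['avatar_succ_saved'] . '</p>';
            echo "<script type=\"text/javascript\">showSuccessMessage();</script>";
        }else{
            echo '<p class="false">' . $lang['avatar_not_saved'] . '.</p>';
            echo "<script type=\"text/javascript\">showErrorMessage();</script>";
        }
    }
}
elseif(isset($_POST['submit']) AND $_POST['submit'] == '' . $lang['delete_avatar'] . '') {
    $sql = "SELECT
user_avatar
FROM
users
WHERE
user_id = " . (int)$_SESSION['user_id'];
    $result = mysql_query($sql);
    if($result === false) {
        error_log('avatar lookup failed: ' . mysql_error());
    }
    $row = ($result !== false) ? mysql_fetch_assoc($result) : false;
    $deleted = false;
    if(is_array($row)) {
        // basename() keeps the unlink inside images/avatars/ whatever the stored value holds;
        // an empty value or a missing file is skipped instead of raising a warning.
        $avatar = basename((string)$row['user_avatar']);
        if($avatar != '' AND is_file('images/avatars/' . $avatar)) {
            unlink('images/avatars/' . $avatar);
        }
        $sql = "UPDATE
users
SET
user_avatar = ''
WHERE
user_id = " . (int)$_SESSION['user_id'];
        $deleted = (mysql_query($sql) !== false);
        if(!$deleted) {
            error_log('avatar reset failed: ' . mysql_error());
        }
    }
    if($deleted) {
        echo '<p class="right">' . $lang['avatar_succ_deleted'] . '</p>';
        echo "<script type=\"text/javascript\">showSuccessMessage();</script>";
    }else{
        // No dedicated message exists for this case; the page's error toast is shown.
        echo "<script type=\"text/javascript\">showErrorMessage();</script>";
    }
}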
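// Render the avatar form: upload controls when no avatar is stored, otherwise the
// current image with a delete button. The form is now closed in both cases; it used
// to stay open when the upload controls were shown.
echo '<form name="avatar" action="" method="post" enctype="multipart/form-data" accept-charset="ISO-8859-1">';
$sql = "SELECT
user_avatar
FROM
users
WHERE
user_id = " . (int)$_SESSION['user_id'];
$result = mysql_query($sql);
if($result === false) {
    // Stop as before, but keep the statement and the driver's message out of the page.
    error_log('avatar lookup failed: ' . mysql_error());
    exit;
}
$row = mysql_fetch_assoc($result);
$avatar = is_array($row) ? (string)$row['user_avatar'] : '';
if($avatar == '') {
    echo '<p class="false">' . $lang['avatar_not_available'] . '.</p>';
    // Cast to int so the hint is a whole number of bytes.
    // NOTE(review): this hint is 0.02 MB while the upload handler on this page accepts up to
    // 0.2 MB — confirm which limit is intended. The hint is advisory for the browser only.
    echo '<input type="hidden" name="MAX_FILE_SIZE" class="fields" value="' . (int)(0.02*1024*1024) . '">';
    echo '<input name="pic" class="fields" type="file"><br><br>';
    echo '<input type="submit" name="submit" class="button" value="' . $lang['upload_avatar'] . '">';
}else{
    echo '<img src="images/avatars/' . htmlentities($avatar, ENT_QUOTES) . '"><br><br>';
    echo '<input type="submit" name="submit" class="button" value="' . $lang['delete_avatar'] . '">';
}
echo '</form>';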
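// Close the avatar table, render the cookie-management section, then close the outer layout table.
echo '</td></tr>
</table>';
echo '<tr><td><table width="100%">
<tr><td><br>';
echo '<h1>' . $lang['manage_cookies'] . '</h1>';
echo '<p><strong>' . $lang['about_cookies'] . '</strong></p>';
// Confirmation after the "delete cookies" button was pressed. Both labels are trimmed
// before the strict comparison; an array-valued "submit" parameter is ignored.
if(isset($_POST['submit']) AND is_string($_POST['submit']) AND trim($_POST['submit']) === trim((string) $lang['delete_cookies'])) {
    echo '<p class="right">' . $lang['unset_cookies'] . '!</p>';
}
// The button value is the bare label: a space before the closing quote would be posted
// with the value and then fail an exact comparison against $lang['delete_cookies'].
// NOTE(review): the form carries no anti-CSRF token — confirm whether one is added elsewhere.
echo '<form id="cookies" name="cookies" method="post" action="">
<input type="submit" name="submit" class="button" value="' . $lang['delete_cookies'] . '"></form>';
echo '<br><br></td></tr></table>
</td></tr>';
echo '</td></tr>
</table>';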
}
// Printed for signed-in and anonymous visitors alike: spacer element at the end of the content box.
echo '<div class="spacer_div"> </div>';
?>
</div>
</div>
<div id="infobox_wrapper">
<div class="infobox">
<?php include('layout/infobox.php'); ?>
</div>
</div>
<?php require('layout/footer.php'); ?>